ID CVE-2008-1218
Summary Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
References
Vulnerable Configurations
  • cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*
    cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*
  • cpe:2.3:a:dovecot:dovecot:*:rc2:*:*:*:*:*:*
    cpe:2.3:a:dovecot:dovecot:*:rc2:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 11-10-2018 - 20:30)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 28181
bugtraq 20080312 rPSA-2008-0108-1 dovecot
confirm https://issues.rpath.com/browse/RPL-2341
debian DSA-1516
exploit-db 5257
fedora
  • FEDORA-2008-2464
  • FEDORA-2008-2475
gentoo GLSA-200803-25
misc http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0108
mlist
  • [Dovecot-news] 20080309 Security hole #6: Some passdbs allowed users to log in without a valid password
  • [Dovecot-news] 20080309 v1.0.13 and v1.1.rc3 released
secunia
  • 29226
  • 29295
  • 29364
  • 29385
  • 29396
  • 29557
  • 32151
suse SUSE-SR:2008:020
ubuntu USN-593-1
xf dovecot-tab-authentication-bypass(41085)
statements via4
contributor Joshua Bressers
lastmodified 2008-03-12
organization Red Hat
statement Not vulnerable. This issue did not affect versions of Dovecot as shipped with Red Hat Enterprise Linux 4 or 5.
Last major update 11-10-2018 - 20:30
Published 10-03-2008 - 23:44
Back to Top