| Max CVSS | 6.4 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4577 | 6.4 |
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
|
21-01-2024 - 02:46 | 15-10-2008 - 20:08 | |
| CVE-2008-4870 | 2.1 |
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
|
03-02-2022 - 19:58 | 01-11-2008 - 00:00 | |
| CVE-2008-4578 | 5.0 |
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
|
11-10-2018 - 20:52 | 15-10-2008 - 20:08 | |
| CVE-2008-4907 | 4.3 |
The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an as
|
08-08-2017 - 01:32 | 04-11-2008 - 00:58 |