Max CVSS | 6.4 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-3707 | 5.5 |
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another
|
27-08-2011 - 03:44 | 06-10-2010 - 17:00 | |
CVE-2010-3780 | 4.0 |
Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
|
27-08-2011 - 03:44 | 06-10-2010 - 21:00 | |
CVE-2010-3779 | 3.5 |
Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a ma
|
12-02-2011 - 06:44 | 06-10-2010 - 21:00 | |
CVE-2010-3706 | 5.5 |
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another
|
12-02-2011 - 06:44 | 06-10-2010 - 17:00 | |
CVE-2010-3304 | 6.4 |
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
|
12-02-2011 - 06:43 | 24-09-2010 - 19:00 |