Vulnerability & Exploit Database

Displaying all 4 entries

Results for: CVE-2007-6598 Back to search

SUSE Linux Security Advisory: SUSE-SR:2008:020 Vulnerability

  • Severity: 7
  • Published: March 10, 2008

Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.

USN-567-1: Dovecot vulnerability Vulnerability

  • Severity: 7
  • Published: January 03, 2008

Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.

SUSE Linux Security Vulnerability: CVE-2007-6598 Vulnerability

  • Severity: 7
  • Published: January 03, 2008

Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.

RHSA-2008:0297: dovecot security and bug fix update Vulnerability

  • Severity: 7
  • Published: January 03, 2008

Dovecot is an IMAP server for Linux and UNIX-like systems, primarilywritten with security in mind.A flaw was discovered in the way Dovecot handled the "mail_extra_groups"option. An authenticated attacker with local shell access could leveragethis flaw to read, modify, or delete other users mail that is stored onthe mail server. (CVE-2008...