CVE-2008-1218
CVE-2008-1218
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
cve_referencewww.exploit-db.com/exploits/5257no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.htmlhttp://secunia.com/advisories/29226http://secunia.com/advisories/29295http://secunia.com/advisories/29364http://secunia.com/advisories/29385http://secunia.com/advisories/29396http://secunia.com/advisories/29557http://secunia.com/advisories/32151http://security.gentoo.org/glsa/glsa-200803-25.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41085https://issues.rpath.com/browse/RPL-2341https://usn.ubuntu.com/593-1/