CVE-2006-2414
CVE-2006-2414
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://dovecot.org/list/dovecot-cvs/2006-May/005563.htmlhttp://secunia.com/advisories/20308http://secunia.com/advisories/20315http://securityreason.com/securityalert/913https://exchange.xforce.ibmcloud.com/vulnerabilities/26536http://www.debian.org/security/2006/dsa-1080http://www.dovecot.org/list/dovecot-news/2006-May/000006.htmlhttp://www.securityfocus.com/archive/1/433878/100/0/threadedhttp://www.securityfocus.com/bid/17961http://www.vupen.com/english/advisories/2006/2013