First published: Wed Apr 25 2007(Updated: )
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dovecot Dovecot | =1.0.rc20 | |
Dovecot Dovecot | =1.0.beta2 | |
Dovecot Dovecot | =1.0.beta5 | |
Dovecot Dovecot | =1.0.rc15 | |
Dovecot Dovecot | =1.0.rc19 | |
Dovecot Dovecot | =1.0.rc12 | |
Dovecot Dovecot | =1.0.beta4 | |
Dovecot Dovecot | =1.0.rc14 | |
Dovecot Dovecot | =1.0.beta6 | |
Dovecot Dovecot | =1.0.beta9 | |
Dovecot Dovecot | =1.0.rc8 | |
Dovecot Dovecot | =1.0.rc2 | |
Dovecot Dovecot | =1.0.rc25 | |
Dovecot Dovecot | =1.0.beta8 | |
Dovecot Dovecot | =1.0.beta3 | |
Dovecot Dovecot | =1.0.rc16 | |
Dovecot Dovecot | =1.0.rc9 | |
Dovecot Dovecot | =1.0.rc27 | |
Dovecot Dovecot | =1.0.beta1 | |
Dovecot Dovecot | =1.0.rc13 | |
Dovecot Dovecot | =1.0.rc11 | |
Dovecot Dovecot | =1.0.rc6 | |
Dovecot Dovecot | =1.0.rc26 | |
Dovecot Dovecot | =1.0.rc17 | |
Dovecot Dovecot | =1.0.rc3 | |
Dovecot Dovecot | =1.0.rc1 | |
Dovecot Dovecot | =1.0.rc21 | |
Dovecot Dovecot | =1.0.rc22 | |
Dovecot Dovecot | =1.0.rc10 | |
Dovecot Dovecot | =1.0.rc28 | |
Dovecot Dovecot | =1.0.rc7 | |
Dovecot Dovecot | =1.0.rc5 | |
Dovecot Dovecot | =1.0.rc18 | |
Dovecot Dovecot | =1.0.rc23 | |
Dovecot Dovecot | =1.0.beta7 | |
Dovecot Dovecot | =1.0.rc4 | |
Dovecot Dovecot | =1.0.rc24 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.