First published: Fri Sep 24 2010(Updated: )
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dovecot Dovecot | =1.2.2 | |
Dovecot Dovecot | =1.2.7 | |
Dovecot Dovecot | =1.2.4 | |
Dovecot Dovecot | =1.2.9 | |
Dovecot Dovecot | =1.2.11 | |
Dovecot Dovecot | =1.2.1 | |
Dovecot Dovecot | =1.2.8 | |
Dovecot Dovecot | =1.2.6 | |
Dovecot Dovecot | =1.2.5 | |
Dovecot Dovecot | =1.2.10 | |
Dovecot Dovecot | =1.2.3 | |
Dovecot Dovecot | =1.2.0 | |
Dovecot Dovecot | =1.2.12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.