Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4211

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2007-4211
Last Modified 21 Aug 2010 01:09:42
Published 07 Aug 2007 10:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2007-4211

Summary

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.

Vulnerable Systems

Application

  • Dovecot 1.0.2


References

BID - 25182

XF - dovecot-aclplugin-security-bypass(35767)

REDHAT - RHSA-2008:0297

MLIST - [dovecot-news] 20070801 v1.0.3 released

SECUNIA - 30342

SECUNIA - 26320

CONFIRM - https://issues.rpath.com/browse/RPL-1621

SECUNIA - 26475

Related Patches

Red Hat 2008:0297-06 RHSA Low: dovecot security and bug fix update for RHEL 5 x86


Last Updated: 27 May 2016 10:45:48