Timo Sirainen: >> Dovecot >> 1.0 Security Vulnerabilities
Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
CVSS Score
5.0
EPSS Score
0.02
Published
2006-11-20
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
CVSS Score
5.0
EPSS Score
0.008
Published
2006-05-16