CVE-2013-6171 — Improper Authentication in Dovecot

CWE-287 — Improper Authentication7 documents7 sources

Severity

5.8MEDIUMNVD

EPSS

0.2%

top 52.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dovecot Debian Dovecot

Timeline

PublishedDec 9

Latest updateMay 14

Description

checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the response to the dovecot-auth server.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages3 packages

▶debiandebian/dovecot< dovecot 1:2.2.9-1 (bookworm)

▶Debiandovecot/dovecot< 1:2.2.9-1+3

▶NVDdovecot/dovecot2.2.6+39

Patches

Patch: www.dovecot.org ↗Patch: www.dovecot.org ↗

🔴Vulnerability Details

GHSA

GHSA-f2q7-xh76-m34j: checkpassword-reply in Dovecot before 2↗2022-05-14

▶

OSV

CVE-2013-6171: checkpassword-reply in Dovecot before 2↗2013-12-09

▶

📋Vendor Advisories

Ubuntu

Dovecot vulnerabilities↗2018-02-01

▶

Red Hat

dovecot: passdb checkpassword authentication local bypass↗2013-11-03

▶

Debian

CVE-2013-6171: dovecot - checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user...↗2013

▶

💬Community

Bugzilla

CVE-2013-6171 dovecot: passdb checkpassword authentication local bypass↗2013-11-08

▶