Debian Dovecot vulnerabilities
73 known vulnerabilities affecting debian/dovecot.
Total CVEs: 73
CISA KEV: 0
Public exploits: 2
Exploited in wild: 1
Severity breakdown: CRITICAL 1, HIGH 17, MEDIUM 29, LOW 26
Vulnerabilities
Page 3 of 4
CVE-2016-4983 | LOW | CVSS 3.3 | 2016
CVE-2016-4983 [LOW]: dovecot
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2015-3420 | MEDIUM | CVSS 5.9 | fixed in dovecot 1:2.2.13-12 (bookworm) | 2015
CVE-2015-3420 [MEDIUM]: dovecot
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allows remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.
Scope: local
bookworm: resolved (fixed in 1:2.2.13-12)
bullseye: resolved (fixed in 1:2.2.13-12)
forky: resolved (fixed in 1:2.2.13-12)
sid: resolved (fixed in 1:2.2.13
debian
CVE-2014-3430 | LOW | CVSS 5.0 | fixed in dovecot 1:2.2.13~rc1-1 (bookworm) | 2014
CVE-2014-3430 [MEDIUM]: dovecot
Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.
Scope: local
bookworm: resolved (fixed in 1:2.2.13~rc1-1)
bullseye: resolved (fixed in 1:2.2.13~r
debian
CVE-2013-2111 | LOW | CVSS 5.0 | 2013
CVE-2013-2111 [MEDIUM]: dovecot
The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2013-6171 | LOW | CVSS 5.8 | fixed in dovecot 1:2.2.9-1 (bookworm) | 2013
CVE-2013-6171 [MEDIUM]: dovecot
checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the response to the dovecot-auth server.
Scope: local
bookworm: resolved (fixed
debian
CVE-2011-1929 | MEDIUM | CVSS 5.0 | fixed in dovecot 1:2.0.13-1 (bookworm) | 2011
CVE-2011-1929 [MEDIUM]: dovecot
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
Scope: local
bookworm: resolved (fixed in 1:2.0.13-1)
bullseye: resolved (fixed in 1:2.0.13-1)
f
debian
CVE-2011-2166 | LOW | CVSS 6.5 | fixed in dovecot 1:2.0.13-1 (bookworm) | 2011
CVE-2011-2166 [MEDIUM]: dovecot
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
Scope: local
bookworm: resolved (fixed in 1:2.0.13-1)
bullseye: resolved (fixed in 1:2.0.13-1)
forky: resolved (fixed in 1:2.0.13-1)
sid: resolved (fixed in
debian
CVE-2011-4318 | LOW | CVSS 5.8 | fixed in dovecot 1:2.0.18-1 (bookworm) | 2011
CVE-2011-4318 [MEDIUM]: dovecot
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
Scope: local
bookw
debian
CVE-2011-2167 | LOW | CVSS 6.5 | fixed in dovecot 1:2.0.13-1 (bookworm) | 2011
CVE-2011-2167 [MEDIUM]: dovecot
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
Scope: local
bookworm: resolved (fixed in 1:2.0.13-1)
bullseye: resolved (fixed in 1:2.0.13-1)
forky: resolved (fixed in 1:2.0.13-1)
sid: resolved (fixed in 1:2.0.13-
debian
CVE-2010-3706 | MEDIUM | CVSS 5.5 | fixed in dovecot 1:1.2.15-1 (bookworm) | 2010
CVE-2010-3706 [MEDIUM]: dovecot
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users
debian
CVE-2010-3707 | MEDIUM | CVSS 5.5 | fixed in dovecot 1:1.2.15-1 (bookworm) | 2010
CVE-2010-3707 [MEDIUM]: dovecot
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allo
debian
CVE-2010-3304 | MEDIUM | CVSS 6.4 | fixed in dovecot 1.2.13-1 (bookworm) | 2010
CVE-2010-3304 [MEDIUM]: dovecot
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
Scope: local
bookworm: resolved (fixed in 1.2.13-1)
bullseye: resolved (fixed in 1.2.13-1)
forky: resolved (fixed in 1.2.13-1)
sid: resolved (fixed in 1.2.13-1)
debian
CVE-2010-3780 | MEDIUM | CVSS 4.0 | fixed in dovecot 1:1.2.15-1 (bookworm) | 2010
CVE-2010-3780 [MEDIUM]: dovecot
Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
Scope: local
bookworm: resolved (fixed in 1:1.2.15-1)
bullseye: resolved (fixed in 1:1.2.15-1)
forky: resolved (fixed in 1:1.2.15-1)
sid: resolved (fixed in 1:1.2.15-1)
trixie: resolved
debian
CVE-2010-0535 | LOW | CVSS 6.5 | 2010
CVE-2010-0535 [MEDIUM]: dovecot
Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: reso
debian
CVE-2010-3779 | LOW | CVSS 3.5 | fixed in dovecot 1:1.2.15-1 (bookworm) | 2010
CVE-2010-3779 [LOW]: dovecot
Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
Scope: local
bookworm: resolved (fixed in 1:1.2.15-1)
bullseye: res
debian
CVE-2010-4011 | LOW | CVSS 4.0 | 2010
CVE-2010-4011 [MEDIUM]: dovecot
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
debian
CVE-2010-0745 | LOW | CVSS 5.0 | fixed in dovecot 1:1.2.11-1 (bookworm) | 2010
CVE-2010-0745 [MEDIUM]: dovecot
Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
Scope: local
bookworm: resolved (fixed in 1:1.2.11-1)
bullseye: resolved (fixed in 1:1.2.11-1)
forky: resolved (fixed in 1:1.2.11-1)
sid: resolved (fixed in 1:1.2.11-1)
trixie: resolved (fixed in 1:1.2
debian
CVE-2009-3235 | MEDIUM | CVSS 4.4 | fixed in dovecot 1:1.2.1-1 (bookworm) | 2009
CVE-2009-3235 [MEDIUM]: dovecot
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different
debian
CVE-2009-3897 | MEDIUM | CVSS 5.5 | fixed in dovecot 1:1.2.8-1 (bookworm) | 2009
CVE-2009-3897 [MEDIUM]: dovecot
Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
Scope: local
bookworm: resolved (fixed in 1:1.2.8-1)
bullseye: r
debian
CVE-2009-2632 | MEDIUM | CVSS 4.4 | fixed in dovecot 1:1.2.1-1 (bookworm) | 2009
CVE-2009-2632 [MEDIUM]: dovecot
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer leng
debian