CVE-2007-4211

Severity

60%

Complexity

68%

Confidentiality

106%

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.

CVSS 2.0 Base Score 6. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P).

Overview

First reported 17 years ago

2007-08-08 02:17:00

Last updated 7 years ago

2017-09-29 01:29:00

Affected Software

Dovecot

References

26320

Vendor Advisory

26475

30342

[dovecot-news] 20070801 v1.0.3 released

RHSA-2008:0297

25182

Patch

dovecot-aclplugin-security-bypass(35767)

https://issues.rpath.com/browse/RPL-1621

oval:org.mitre.oval:def:11558

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.