Timo Sirainen » Dovecot : Security Vulnerabilities, CVEs,

CVE-2006-5973

Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
Max CVSS
5.0
EPSS Score
15.20%
Published
2006-11-20
Updated
2018-10-17

CVE-2006-2414

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Max CVSS
5.0
EPSS Score
0.72%
Published
2006-05-16
Updated
2018-10-18

CVE-2006-0730

Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
Max CVSS
5.0
EPSS Score
1.83%
Published
2006-02-16
Updated
2017-07-20
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close