CVE-2006-2414 Information

Feb 14, 2021 cve

Description

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ..\ sequences in the (1) LIST or (2) DELETE IMAP command.

Reference

http://dovecot.org/list/dovecot-cvs/2006-May/005563.html http://secunia.com/advisories/20308 http://secunia.com/advisories/20315 http://securityreason.com/securityalert/913 http://www.debian.org/security/2006/dsa-1080 http://www.dovecot.org/list/dovecot-news/2006-May/000006.html http://www.securityfocus.com/archive/1/433878/100/0/threaded http://www.securityfocus.com/bid/17961 http://www.vupen.com/english/advisories/2006/2013 https://exchange.xforce.ibmcloud.com/vulnerabilities/26536

Share on: