PT-2008-5795 · Dovecot+1 · Dovecot+1

Publicado

2008-10-15

·

Atualizado

2024-01-21

·

CVE-2008-4577

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Dovecot versions prior to 1.1.4
Description The issue allows attackers to bypass intended access restrictions due to the ACL plugin treating negative access rights as if they are positive access rights.
Recommendations For versions prior to 1.1.4, update to version 1.1.4 or later to resolve the issue.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

CVE-2008-4577
RHSA-2009:0205
RHSA-2009_0205

Produtos afetados

Dovecot
Red Hat