CVE-2006-2414
EPSS 1.1%dovecot - programming error
發布日:2006/5/16修改日:2026/4/28
也稱為:DEBIAN-CVE-2006-2414
描述
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
受影響套件(2)
- Debian/dovecotfrom 0, < 1.0.beta8-1
- Debian/dovecotfrom 0, < 0.99.14-1sarge0