You are here

CVE-2011-2166

Vincent (CVE) Danen's picture
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.

Details Source

Mitre

Public Date

2011-05-11 00:00:00

Impact

Low

Bugzilla

CVE-2011-2166 dovecot: authenticated remote bypass of intended access restrictions

Bugzilla ID

709 095

CVSS Status

verified

Base Score

3.60

Base Metrics

AV:N/AC:H/Au:S/C:P/I:P/A:N

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (dovecot) RHSA-2013:0520 2013-02-20

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 dovecot Not affected
Red Hat Enterprise Linux 4 dovecot Not affected