Public Date:
251007: CVE-2007-4211 Dovecot possible privilege ascalation in ACL plugin

The MITRE CVE dictionary describes this issue as:

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.

Find out more about CVE-2007-4211 from the MITRE CVE dictionary dictionary and NIST NVD.


These issues did not affect the dovecot versions as shipped with Red Hat Enterprise Linux 2.1, 3, or 4. An update to Red Hat Enterprise Linux 5 was released to correct this issue:

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (dovecot) RHSA-2008:0297 2008-05-20
Last Modified

CVE description copyright © 2017, The MITRE Corporation