CVE-2008-4870

Impact:
Low
Public Date:
2008-03-06
Bugzilla:
469659: CVE-2008-4870 dovecot: ssl_key_password disclosure due to an insecure dovecot.conf permissions

The MITRE CVE dictionary describes this issue as:

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.

Find out more about CVE-2008-4870 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (dovecot) RHSA-2009:0205 2009-01-20

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.