CVSS: 5.8EPSS: 0%CPEs: 51EXPL: 0CVE-2013-6171
https://notcve.org/view.php?id=CVE-2013-6171
checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the response to the dovecot-auth server. checkpassword-reply en Dovecot anteriores a 2.2.7 ejecuta operaciones setuid a usuarios que se están autenticando, lo cual permite a usuarios locales sortear la autenticación y acceder a cuentas de email virtuales adjuntandose al proceso y utilizando un descriptor de fichero restringido para modificar información de la cuenta en la respuesta al servidor dovecot-auth. • http://cpanel.net/tsr-2013-0010-full-disclosure http://secunia.com/advisories/54808 http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security http://www.dovecot.org/list/dovecot-news/2013-November/000264.html https://usn.ubuntu.com/3556-2 • CWE-287: Improper Authentication •
CVSS: 5.8EPSS: 0%CPEs: 16EXPL: 0CVE-2011-4318 – dovecot: proxy destination host name not checked against SSL certificate name
https://notcve.org/view.php?id=CVE-2011-4318
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname. Dovecot v2.0.x antes de v2.0.16, cuando ssl o starttls está disponible y hostname se usa para definir la destinación del proxy, que no verifica que el servidor hostname busca el nombre del dominio en el sujeto del Common Name (CN) del certificado X.509, que permite ataques man-in-the middle para burlar los servidores SSL a través de un certificado para un hostname diferente. • http://hg.dovecot.org/dovecot-2.0/rev/5e9eaf63a6b1 http://rhn.redhat.com/errata/RHSA-2013-0520.html http://secunia.com/advisories/46886 http://secunia.com/advisories/52311 http://www.dovecot.org/list/dovecot-news/2011-November/000200.html http://www.openwall.com/lists/oss-security/2011/11/18/5 http://www.openwall.com/lists/oss-security/2011/11/18/7 https://bugs.gentoo.org/show_bug.cgi?id=390887 https://bugzilla.redhat.com/show_bug.cgi?id=754980 https:/&# • CWE-20: Improper Input Validation •