CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2006-2414
https://notcve.org/view.php?id=CVE-2006-2414
16 May 2006 — Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command. • http://dovecot.org/list/dovecot-cvs/2006-May/005563.html •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2006-0730
https://notcve.org/view.php?id=CVE-2006-0730
16 Feb 2006 — Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability. • http://secunia.com/advisories/18870 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •