Unrated severityNVD Advisory· Published May 16, 2006· Updated Apr 16, 2026
CVE-2006-2414
CVE-2006-2414
Description
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Affected products
4cpe:2.3:a:timo_sirainen:dovecot:1.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:timo_sirainen:dovecot:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:timo_sirainen:dovecot:1.0_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:timo_sirainen:dovecot:1.0_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:timo_sirainen:dovecot:1.0_beta7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.dovecot.org/list/dovecot-news/2006-May/000006.htmlnvdPatch
- www.securityfocus.com/bid/17961nvdPatch
- dovecot.org/list/dovecot-cvs/2006-May/005563.htmlnvd
- secunia.com/advisories/20308nvd
- secunia.com/advisories/20315nvd
- securityreason.com/securityalert/913nvd
- www.debian.org/security/2006/dsa-1080nvd
- www.securityfocus.com/archive/1/433878/100/0/threadednvd
- www.vupen.com/english/advisories/2006/2013nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26536nvd
News mentions
0No linked articles in our index yet.