Dovecot
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-4983 | 0.00 | — | 0.00 | Nov 5, 2019 | A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. | |||
| CVE-2006-5973 | 0.00 | — | 0.03 | Nov 20, 2006 | Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the… | |||
| CVE-2006-2414 | 0.00 | — | 0.02 | May 16, 2006 | Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command. | |||
| CVE-2006-0730 | 0.00 | — | 0.02 | Feb 16, 2006 | Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3)… |
- CVE-2016-4983Nov 5, 2019risk 0.00cvss —epss 0.00
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
- CVE-2006-5973Nov 20, 2006risk 0.00cvss —epss 0.03
Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the…
- CVE-2006-2414May 16, 2006risk 0.00cvss —epss 0.02
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
- CVE-2006-0730Feb 16, 2006risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3)…