CVE-2008-4577 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-4577
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-4577

Description: The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.

CVE Status: Candidate

References: SUSE http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html SAID Secunia Advisory: SA32164 Secunia Advisory: SA33149 Secunia Advisory: SA33624 Secunia Advisory: SA32471 REDHAT http://www.redhat.com/support/errata/RHSA-2009-0205.html MLIST http://www.dovecot.org/list/dovecot-news/2008-October/000085.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:232 GENTOO http://security.gentoo.org/glsa/glsa-200812-16.xml FEDORA CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=240409 BID 31587

Return to the previous page.