MitreCVELIST:CVE-2008-5301

HistoryDec 01, 2008 - 5:00 p.m.

CVE-2008-5301

2008-12-0117:00:00

mitre

www.cve.org

7.3 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.9%

JSON

Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a “…” (dot dot) in a script name.

References

secunia.com/advisories/32768

secunia.com/advisories/36904

www.dovecot.org/list/dovecot/2008-November/035259.html

www.securityfocus.com/bid/32582

www.ubuntu.com/usn/USN-838-1

www.vupen.com/english/advisories/2008/3190

exchange.xforce.ibmcloud.com/vulnerabilities/46672