Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-4870HistoryNov 01, 2008 - 12:00 a.m.
CVE-2008-4870
2008-11-0100:00:01
Debian Security Bug Tracker
security-tracker.debian.org
13
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dovecot | <= 1:2.3.19.1+dfsg1-2.1 | dovecot_1:2.3.19.1+dfsg1-2.1_all.deb |
| Debian | 11 | all | dovecot | <= 1:2.3.13+dfsg1-2+deb11u1 | dovecot_1:2.3.13+dfsg1-2+deb11u1_all.deb |
| Debian | 999 | all | dovecot | <= 1:2.3.21+dfsg1-3 | dovecot_1:2.3.21+dfsg1-3_all.deb |
| Debian | 13 | all | dovecot | <= 1:2.3.21+dfsg1-3 | dovecot_1:2.3.21+dfsg1-3_all.deb |
Related
prion
prion
Design/Logic Flaw
2008-11-01 00:00:00
cvelist
cvelist
CVE-2008-4870
2008-10-31 22:00:00
cve
cve
CVE-2008-4870
2008-11-01 00:00:01
veracode
veracode
Information Disclosure
2020-04-10 00:35:06
nvd
nvd
CVE-2008-4870
2008-11-01 00:00:01
ubuntucve
ubuntucve
CVE-2008-4870
2008-11-01 00:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:0205
2009-01-26 00:00:00
RedHat Security Advisory RHSA-2009:0205
2009-01-26 00:00:00
Oracle: Security Advisory (ELSA-2009-0205)
2015-10-08 00:00:00
nessus
nessus
Scientific Linux Security Update : dovecot on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 5 : dovecot (RHSA-2009:0205)
2009-01-21 00:00:00
Oracle Linux 5 : dovecot (ELSA-2009-0205)
2023-09-07 00:00:00
redhat
redhat
(RHSA-2009:0205) Low: dovecot security and bug fix update
2009-01-20 00:00:00
oraclelinux
oraclelinux
dovecot security and bug fix update
2009-01-27 00:00:00
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2008-12-14 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2008-4870