[dovecot] [CVE-2007-6598] information disclosure
Bug #181724 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dovecot (Ubuntu) |
Fix Released
|
Undecided
|
Kees Cook |
Bug Description
Binary package hint: dovecot
References:
DSA-1457-1 (http://
Quoting:
"It was discovered that Dovecot, a POP3 and IMAP server, only when used
with LDAP authentication and a base that contains variables, could allow
a user to log in to the account of another user with the same password."
CVE References
Changed in dovecot: | |
status: | New → Fix Committed |
To post a comment you must log in.
This was published in: http:// www.ubuntu. com/usn/ usn-567- 1