MidnightBSD

Advisories for timo_sirainen

CVE-2006-0730 MEDIUM

Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
timo_sirainen dovecot *
CVE-2006-2414 MEDIUM

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
timo_sirainen dovecot 1.0_beta3
timo_sirainen dovecot 1.0
timo_sirainen dovecot 1.0_beta7
timo_sirainen dovecot 1.0_beta2