Required CVE Record Information
Description
checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the response to the dovecot-auth server.
References 5 Total
- http://cpanel.net/tsr-2013-0010-full-disclosure/
- http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
- usn.ubuntu.com: USN-3556-2 vendor-advisory
- secunia.com: 54808 third-party-advisory
- dovecot.org: [Dovecot-news] 20131103 v2.2.7 released mailing-list
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- http://cpanel.net/tsr-2013-0010-full-disclosure/ x_transferred
- http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security x_transferred
- usn.ubuntu.com: USN-3556-2 vendor-advisory x_transferred
- secunia.com: 54808 third-party-advisory x_transferred
- dovecot.org: [Dovecot-news] 20131103 v2.2.7 released mailing-list x_transferred