Oval Definition:oval:org.mitre.oval:def:8032
Revision Date:2014-06-23Version:19
Title:DSA-1457 dovecot -- programming error
Description:It was discovered that Dovecot, a POP3 and IMAP server, only when used # Remark: "base" refers to a variable(?!) and should not contain something as # base = %r! with LDAP authentication and base contains variables, could allow a user to log in to the account of another user with the same password. The old stable distribution (sarge) is not affected. For the stable distribution (etch), this problem has been fixed in version 1.0.rc15-2etch3. For the unstable distribution (sid), this problem has been fixed in version 1.0.10-1. We recommend that you upgrade your dovecot packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-6598
DSA-1457
Platform(s):Debian GNU/Linux 4.0
Product(s):dovecot
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • dovecot-pop3d is earlier than 1.0.rc15-2etch3
  • OR dovecot-common is earlier than 1.0.rc15-2etch3
  • OR dovecot-imapd is earlier than 1.0.rc15-2etch3
  • OR Architecture dependent section
  • Installed architecture is amd64
  • AND Packages section
  • dovecot-pop3d is earlier than 1.0.rc15-2etch2
  • OR dovecot-common is earlier than 1.0.rc15-2etch3
  • OR dovecot-imapd is earlier than 1.0.rc15-2etch3
    • BACK