Vulnerability Name: CVE-2010-3707 (CCN-62255)
Assigned: 2010-10-01
Published: 2010-10-01
Updated: 2011-08-27

Summary: plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries. This allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.

CVSS v3 Severity:
- 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVSS v2 Severity:
- 5.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
- 4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C)
- 3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
- 4.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Vulnerability Type: CWE-264
Vulnerability Consequences: Bypass Security

References:
- MITRE (CNA): CVE-2010-3707
- SUSE: SUSE-SR:2010:020
- MLIST: [oss-security] 20101004 CVE Request: more dovecot ACL issues
- MLIST: [oss-security] 20101004 Re: CVE Request: more dovecot ACL issues
- CCN: RHSA-2011-0600 Moderate: dovecot security and enhancement update
- CCN: SA41723 Dovecot ACL Handling Security Issue
- SECUNIA: 43220
- MLIST (Vendor Advisory): [dovecot] 20101002 v1.2.15 released
- CCN (Dovecot Web Site): [Dovecot] v2.0.5 released
- MLIST (Vendor Advisory): [dovecot] 20101002 v2.0.5 released
- MLIST (Vendor Advisory): [dovecot] 20101002 ACL handling bugs in v1.2.8+ and v2.0
- MANDRIVA: MDVSA-2010:217
- CCN: OSVDB ID: 68515 Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
- REDHAT: RHSA-2011:0600
- CCN: BID-43690 Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
- UBUNTU: USN-1059-1
- VUPEN (Vendor Advisory): ADV-2010-2572
- VUPEN: ADV-2010-2840
- VUPEN: ADV-2011-0301
- XF: dovecot-acl-entry-sec-bypass(62255)
- SUSE: SUSE-SR:2010:020 SUSE Security Summary Report

Vulnerable Configuration: Configuration 1; Configuration 2; Configuration RedHat 1; Configuration RedHat 2; Configuration RedHat 3; Configuration CCN 1
Oval Definitions: