Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dovecot ACL绕过预设访问限制漏洞
Vulnerability Description
Dovecot是一款开源的基于类Linux/UNIX系统的IMAP和POP3邮件服务器。 Dovecot 1.2.15之前的1.2.x版本和2.0.beta2之前的2.0.x版本向非公有命名空间中每个收件箱的所有者授予管理许可。远程认证用户可以通过改变收件箱的ACL绕过预设的访问限制。
CVSS Information
N/A
Vulnerability Type
N/A