Computer Security
[EN] securityvulns.ru no-pyccku


Dovecot password caching vulnerability
Published:04.01.2008
Source:
SecurityVulns ID:8521
Type:local
Threat Level:
2/10
Description:Under some conditions user can be logged with different account with same password.
CVE:CVE-2007-6598 (Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.)
Original documentdocument , (unnamed)(04.01.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod