Dovecot Access Control List (ACL) Plugin Security Bypass Weakness

Dovecot is prone to a security-bypass weakness because INBOX Access Control Lists (ACLs) could be used as the default for new mailboxes.

Attackers can exploit this issue to bypass intended security restrictions. This may aid in further attacks.

Versions prior to Dovecot 1.2.13 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus