Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-114: Dovecot Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-114: Dovecot Vulnerability
# 1  
Old 01-11-2008
S-114: Dovecot Vulnerability
Dovecot, a POP3 and IMAP server, only when used with LDAP authentication and base contains variables, that could allow a user to log in to the account of another user with the same password. The risk is LOW. Could allow a user to log in to the account of another user with the same password.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Cat 114 files using grep or awk to pull muliple fields

Files xxxxxxx.txt ------------------------------------------------------------------------------------------------------------------------------------ Req.By: xxxxxxx WABUSH MINES - xxxxxx MINE (1001) Page: 1 Run on: 12/14/09... (4 Replies)
Discussion started by: sctxms
4 Replies

2. UNIX for Dummies Questions & Answers

Sendmail, Cyrus, Dovecot

I've been using Sendmail for several months - no problem. Shortly, a need appeared to provide remote access to mail - POP3/IMAP. I worked a little with Dovecot, and there was some success, than I read that Cyrus is cooler or so, like better for production sites because it makes links and not copies... (0 Replies)
Discussion started by: Action
0 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

doveadm-instance

DOVEADM-INSTANCE(1)						      Dovecot						       DOVEADM-INSTANCE(1)

NAME

       doveadm-instance - Manage the list of running Dovecot instances

SYNOPSIS

       doveadm [-Dv] [-f formatter] instance list
       doveadm [-Dv] instance remove name | base_dir

DESCRIPTION

       The  doveadm instance commands are used to manage the list of Dovecot instances running on the server.  In most installations there is only
       one Dovecot instance, but in some cases is may be useful to have more (e.g. running director proxy and backend in the same server).

       Instances are added to the list automatically when Dovecot is started.  Each instance is  uniquely  identified  by  its	base_dir  setting.
       Instances  can  be named by setting instance_name in each instance's dovecot.conf.  When an instance is named, it can be accessed easily by
       giving -i instance_name command line parameter for Dovecot binaries (e.g. doveadm).

OPTIONS

       Global doveadm(1) options:

       -D     Enables verbosity and debug messages.

       -f formatter
	      Specifies the formatter for formatting the output.  Supported formatters are:

	      flow   prints each line with key=value pairs.

	      pager  prints each key: value pair on its own line and separates records with form feed character (^L).

	      tab    prints a table header followed by tab separated value lines.

	      table  prints a table header followed by adjusted value lines.

       -v     Enables verbosity, including progress counter.

ARGUMENTS

       name   The value of an instance's instance_name setting.

       base_dir
	      The base directory of a Dovecot instance.

COMMANDS

   instance list
       doveadm instance list

       This command lists the seen Dovecot instances.

   instance remove
       doveadm instance remove name | base_dir

       This command removes the specified instance.

REPORTING BUGS

       Report bugs, including doveconf -n output, to the Dovecot Mailing List <dovecot@dovecot.org>.  Information about reporting bugs	is  avail-
       able at: http://dovecot.org/bugreport.html

SEE ALSO

       doveadm(1)

Dovecot v2.2							    2012-02-16						       DOVEADM-INSTANCE(1)