Summary
The remote host is missing an update to dovecot
announced via advisory DSA 1080-1.
A problem has been discovered in the IMAP component of Dovecot, a secure mail server that supports mbox and maildir mailboxes, which can lead to information disclosure via directory traversal by authenticated users.
The old stable distribution (woody) is not affected by this problem.
Solution
For the stable distribution (sarge) this problem has been fixed in version 0.99.14-1sarge0.
For the unstable distribution (sid) this problem has been fixed in version 1.0beta8-1.
We recommend that you upgrade your dovecot-imapd package.
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201080-1
Severity
Classification
-
CVE CVE-2006-2414 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities