CVE-2008-4870 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	2.1 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:P/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 11%

Vendor	Product	Version
dovecot	dovecot	1.0.7

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

dovecot

bullseye	unimportant
bullseye (security)	unimportant
bookworm	unimportant
bookworm (security)	unimportant
sid	unimportant
trixie	unimportant

Ubuntu Releases

Ubuntu Product

Codename

dovecot

lucid	not-affected
karmic	not-affected
jaunty	not-affected
intrepid	ignored
hardy	ignored
gutsy	ignored
dapper	ignored

Common Weakness Enumeration

CWE-732 - Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References

http://secunia.com/advisories/32164

http://secunia.com/advisories/33149

http://secunia.com/advisories/33624

http://security.gentoo.org/glsa/glsa-200812-16.xml

http://www.openwall.com/lists/oss-security/2008/10/29/10

http://www.redhat.com/support/errata/RHSA-2009-0205.html

https://bugzilla.redhat.com/show_bug.cgi?id=436287

https://exchange.xforce.ibmcloud.com/vulnerabilities/46323

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10776

http://secunia.com/advisories/32164

http://secunia.com/advisories/33149

http://secunia.com/advisories/33624

http://security.gentoo.org/glsa/glsa-200812-16.xml

http://www.openwall.com/lists/oss-security/2008/10/29/10

http://www.redhat.com/support/errata/RHSA-2009-0205.html

https://bugzilla.redhat.com/show_bug.cgi?id=436287

https://exchange.xforce.ibmcloud.com/vulnerabilities/46323

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10776