CVE-2013-6171

EUVD-2013-6000
checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the response to the dovecot-auth server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
dovecotdovecot
𝑥
≤ 2.2.6
dovecotdovecot
2.0:beta1
dovecotdovecot
2.0.0
dovecotdovecot
2.0.1
dovecotdovecot
2.0.2
dovecotdovecot
2.0.3
dovecotdovecot
2.0.4
dovecotdovecot
2.0.5
dovecotdovecot
2.0.6
dovecotdovecot
2.0.7
dovecotdovecot
2.0.8
dovecotdovecot
2.0.9
dovecotdovecot
2.0.10
dovecotdovecot
2.0.11
dovecotdovecot
2.0.12
dovecotdovecot
2.0.13
dovecotdovecot
2.0.14
dovecotdovecot
2.0.15
dovecotdovecot
2.1:rc1
dovecotdovecot
2.1:rc2
dovecotdovecot
2.1:rc3
dovecotdovecot
2.1:rc5
dovecotdovecot
2.1:rc6
dovecotdovecot
2.1:rc7
dovecotdovecot
2.1.0
dovecotdovecot
2.1.1
dovecotdovecot
2.1.2
dovecotdovecot
2.1.3
dovecotdovecot
2.1.4
dovecotdovecot
2.1.5
dovecotdovecot
2.1.6
dovecotdovecot
2.1.7
dovecotdovecot
2.1.10
dovecotdovecot
2.1.11
dovecotdovecot
2.1.12
dovecotdovecot
2.1.13
dovecotdovecot
2.1.14
dovecotdovecot
2.1.15
dovecotdovecot
2.2:rc1
dovecotdovecot
2.2:rc2
dovecotdovecot
2.2:rc3
dovecotdovecot
2.2:rc4
dovecotdovecot
2.2:rc5
dovecotdovecot
2.2:rc6
dovecotdovecot
2.2:rc7
dovecotdovecot
2.2.0
dovecotdovecot
2.2.1
dovecotdovecot
2.2.2
dovecotdovecot
2.2.3
dovecotdovecot
2.2.4
dovecotdovecot
2.2.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dovecot
bookworm
1:2.3.19.1+dfsg1-2.1+deb12u1
fixed
bookworm (security)
1:2.3.19.1+dfsg1-2.1+deb12u1
fixed
bullseye
1:2.3.13+dfsg1-2+deb11u1
fixed
bullseye (security)
1:2.3.13+dfsg1-2+deb11u2
fixed
sid
1:2.3.21.1+dfsg1-1
fixed
squeeze
no-dsa
trixie
1:2.3.21.1+dfsg1-1
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dovecot
artful
not-affected
lucid
ignored
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
not-affected
utopic
not-affected
vivid
not-affected
wily
not-affected
xenial
not-affected
yakkety
not-affected
zesty
not-affected
Common Weakness Enumeration
References
http://cpanel.net/tsr-2013-0010-full-disclosure/
http://secunia.com/advisories/54808
http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
http://www.dovecot.org/list/dovecot-news/2013-November/000264.html
https://usn.ubuntu.com/3556-2/
http://cpanel.net/tsr-2013-0010-full-disclosure/
http://secunia.com/advisories/54808
http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
http://www.dovecot.org/list/dovecot-news/2013-November/000264.html
https://usn.ubuntu.com/3556-2/