Configuration
CVE-2011-2166
Summary
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
- LOW
- NETWORK
- SINGLE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-16 - Configuration
Weaknesses in this category are typically introduced during the configuration of the software.
References
Advisory Timeline
- Published