DEBIAN-CVE-2006-2414

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2006-2414

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2006-2414.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2006-2414

Upstream

CVE-2006-2414

Published

2006-05-16T10:02:00Z

Modified

2025-09-24T23:56:36.114253Z

Summary

[none]

Details

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.

References

https://security-tracker.debian.org/tracker/CVE-2006-2414

Affected packages

Debian:11 / dovecot

Package

Name: dovecot
Purl: pkg:deb/debian/dovecot?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.beta8-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / dovecot

Package

Name: dovecot
Purl: pkg:deb/debian/dovecot?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.beta8-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / dovecot

Package

Name: dovecot
Purl: pkg:deb/debian/dovecot?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.beta8-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / dovecot

Package

Name: dovecot
Purl: pkg:deb/debian/dovecot?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.beta8-1

Ecosystem specific

{
    "urgency": "low"
}