This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote IMAP server is affected by a directory traversal
The remote host is running Dovecot, an open source IMAP4 / POP3 server
for Linux / Unix.
The version of Dovecot installed on the remote host fails to filter
directory traversal sequences from user-supplied input to IMAP
commands such as LIST and DELETE. An authenticated attacker may be
able to leverage this issue to list directories and files in the mbox
root's parent directory or possibly to delete index files used by the
See also :
Upgrade to Dovecot version 1.0 beta8 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true
Nessus Plugin ID: 21559 (dovecot_dir_traversal.nasl)
Bugtraq ID: 17961
CVE ID: CVE-2006-2414
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.