Dovecot passdbs Argument Injection Authentication Bypass

Medium Nessus Plugin ID 31466
The remote mail server is affected by an authentication bypass vulnerability.
The remote host is running Dovecot, an open source IMAP4 / POP3 server for Linux / Unix.

The version of Dovecot installed on the remote host uses the TAB character as an internal field delimiter but fails to escape TABs that appear in a password. Provided Dovecot is configured to use a blocking passdb, an attacker can leverage this issue to bypass authentication and gain access to a user's mailbox.

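The flaw class described above is a delimiter injection: when a field value can contain the same byte the protocol uses to separate fields, the receiving side cannot tell data from structure and miscounts or misreads the fields that follow. The following is an added illustration, not Dovecot's code; the three-field record (username, password, service) and the backslash escaping scheme are constructed stand-ins for whatever a real passdb protocol carries. It places the weak join beside an escaping serializer with a matching parser, and a boundary check that rejects control characters outright.

```python
"""Tab-delimited field handling: the unescaped pattern beside a fixed one.

Added illustration only; not Dovecot's implementation. The record layout
(username, password, service) and the escape sequences are constructed.
"""

DELIM = "\t"
# Bytes that must never reach a TAB- or line-delimited internal protocol
# unescaped: tab, line feed, carriage return, NUL.
CONTROL_CHARS = frozenset("\t\n\r\x00")


def serialize_unescaped(fields):
    """Weak pattern: join on TAB without escaping. A TAB inside a value is
    indistinguishable from a delimiter once the record is on the wire."""
    return DELIM.join(fields)


def parse_unescaped(record):
    """Naive receiver that trusts the field count it gets back."""
    return record.split(DELIM)


def escape_field(value):
    """Escape one field so it can carry any character, including TAB.
    Backslash is escaped first so decoding is unambiguous."""
    return (value.replace("\\", "\\\\")
                 .replace("\t", "\\t")
                 .replace("\n", "\\n")
                 .replace("\r", "\\r")
                 .replace("\x00", "\\0"))


def serialize_escaped(fields):
    """Fixed pattern: every field is escaped before the TAB join."""
    return DELIM.join(escape_field(f) for f in fields)


_UNESCAPE = {"t": "\t", "n": "\n", "r": "\r", "0": "\x00", "\\": "\\"}


def parse_escaped(record):
    """Receiver for the escaped format: split only on unescaped TABs,
    then decode each escape sequence back to its original character."""
    fields, current, i = [], [], 0
    while i < len(record):
        ch = record[i]
        if ch == "\\" and i + 1 < len(record):
            current.append(_UNESCAPE.get(record[i + 1], record[i + 1]))
            i += 2
            continue
        if ch == DELIM:
            fields.append("".join(current))
            current = []
        else:
            current.append(ch)
        i += 1
    fields.append("".join(current))
    return fields


def has_control_chars(value):
    """Defense in depth at the input boundary: a credential containing
    protocol control bytes should be refused before serialization."""
    return any(c in CONTROL_CHARS for c in value)


def field_count_intact(fields):
    """True when a record survives the unescaped round trip with the same
    number of fields; False shows the delimiter confusion in action."""
    return len(parse_unescaped(serialize_unescaped(fields))) == len(fields)


if __name__ == "__main__":
    # Constructed sample: the password carries an embedded TAB.
    sample = ["alice", "pa\tss", "imap"]
    print("unescaped field count intact:", field_count_intact(sample))
    print("escaped round trip:", parse_escaped(serialize_escaped(sample)) == sample)
    print("boundary check rejects password:", has_control_chars(sample[1]))
```

The boundary check and the escaping serializer are complementary: escaping keeps the internal protocol sound for any value, while rejecting control characters in credentials up front also gives the auth layer a clean event to log.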
Upgrade to Dovecot v1.0.13 / v1.1.rc3 or later.

Plugin Details

Severity: Medium

ID: 31466

File Name: dovecot_auth_bypass.nasl

Version: $Revision: 1.14 $

Type: remote

Family: Misc.

Published: 2008/03/14

Modified: 2016/05/05

Dependencies: 11153

Risk Information

Risk Factor: Medium
Base Score: 5.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:dovecot:dovecot

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2008-1218

BID: 28181

OSVDB: 42979

Secunia: 29295

CWE: 255