CVE-2020-24386: IMAP hibernation allows accessing other peoples mail

Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Aki Tuomi on Jan 06

Open-Xchange Security Advisory 2021-01-04

Product: Dovecot
Vendor: OX Software GmbH
Internal reference: DOP-2009 (Bug ID)
Vulnerability type: CWE-150: Improper Neutralization of Escape, Meta, or
Control Sequences
Vulnerable version: 2.2.26-2.3.11.3
Vulnerable component: imap
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 2.3.13
Vendor notification: 2020-08-17
Solution date: 2020-08-27
Public disclosure: 2021-01-04…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source
Available for Amazon Prime