CVE-2007-6598

EPSS 2.5%

dovecot

Published: 1/4/2008Modified: 3/9/2026

Also known as:DSA-1457-1DEBIAN-CVE-2007-6598

Description

Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.

Affected packages (2)

Debian/dovecotfrom 0, < 1:1.0.10-1
Debian/dovecotfrom 0, < 1.0.rc15-2etch3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-6598