CVE-2008-4578
EPSS 0.76%
Description
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
How to fix CVE-2008-4578
To remediate CVE-2008-4578, upgrade the affected package to a fixed version below.
- Debian/dovecot—upgrade to 1:1.1.9-1 or later
Is CVE-2008-4578 being exploited?
Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1:1.1.9-1