Red Hat Bugzilla – Bug 709097
CVE-2011-2167 dovecot: directory traversal due to not obeying chroot directive
Last modified: 2015-08-19 05:10:26 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2167 to
the following vulnerability:
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot
configuration setting, which might allow remote authenticated users to
conduct directory traversal attacks by leveraging a script.
Created dovecot tracking bugs for this issue
Affects: fedora-all [bug 709108]
Looking at the upstream NEWS file, I don't see this bug/issue being separately mentioned.
Also, looking at the timeline, it seems the following patch is the only one which would fit the bill; not sure if it's applicable though:
Can you please take a look at this issue?
(In reply to comment #3)
> Can you please take a look at this issue?
this and CVE-2011-2166 have the same fix from comment #2, but this fix causes some regressions. Upstream knows about this and promised to fix it for next version. That fix is not available atm.
(In reply to comment #7)
> (In reply to comment #3)
> > Michal,
> > Can you please take a look at this issue?
> this and CVE-2011-2166 have the same fix from comment #2, but this fix causes
> some regressions. Upstream knows about this and promised to fix it for next
> version. That fix is not available atm.
Ok, upstream just confirmed this. I was under the impression that Timo just mentioned CVE-2011-2166.
Upstream has confirmed that this particular fix will break current
configurations for the dovecot server, which will only be fixed in 2.0.14
Dovecot 2.0.14 is released:
The following in the Changelog suggests that comment #4 has been addressed:
script-login attempted an unnecessary config lookup, which usually
failed with "Permission denied"
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0520 https://rhn.redhat.com/errata/RHSA-2013-0520.html