CVE-2008-5301

N/A Unknown
Published: December 01, 2008 Modified: April 23, 2026
View on NVD

Description

Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/32768
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/36904
Source: cve@mitre.org
http://www.dovecot.org/list/dovecot/2008-November/035259.html
Source: cve@mitre.org
Patch
http://www.securityfocus.com/bid/32582
Source: cve@mitre.org
http://www.ubuntu.com/usn/USN-838-1
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2008/3190
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/46672
Source: cve@mitre.org
http://secunia.com/advisories/32768
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/36904
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.dovecot.org/list/dovecot/2008-November/035259.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/32582
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-838-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/3190
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/46672
Source: af854a3a-2127-422b-91ae-364da2661108

14 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.6%
69th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-22

Affected Vendors

dovecot

Related CVEs

CVE-2026-41044 N/A
CVE-2026-41043 N/A
CVE-2026-40466 N/A
CVE-2025-62233 N/A
CVE-2026-6272 N/A