Ubuntu Security Notice 593-1 - It was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. By default, dovecot passed special characters to the underlying authentication systems. While Ubuntu releases of dovecot are not known to be vulnerable, the authentication routine was proactively improved to avoid potential future problems.
152ff94141df0e8a6338bc7c8610db35bac87dfa8800d44c753be25d8facba18
Gentoo Linux Security Advisory GLSA 200803-25 - Dovecot uses the group configured via the mail_extra_groups setting, which should be used to create lockfiles in the /var/mail directory, when accessing arbitrary files (CVE-2008-1199). Dovecot does not escape TAB characters in passwords when saving them, which might allow for argument injection in blocking passdbs such as MySQL, PAM or shadow (CVE-2008-1218). Versions less than 1.0.13-r1 are affected.
fb1e2aa89b8d638ac9d92a8d9d47c0d14f9b826b630c8234297bdaa619cf3a8f
Dovecot IMAP versions 1.0.10 through 1.1rc2 remote email disclosure exploit.
9a776a8b279c82fd8f796f0c22026971144ae821b08b050dc4b98590453098ba
Debian Security Advisory 1516-1 - Prior to this update, the default configuration for Dovecot used by Debian runs the server daemons with group mail privileges. This means that users with write access to their mail directory by other means (for example, through an SSH login) could read mailboxes owned by other users for which they do not have direct write access. In addition, an internal interpretation conflict in password handling has been addressed pro-actively, even though it is not known to be exploitable.
a2667d8c90b0936343ce050454a16ff50b3ba2bc37efbcf9f47835a9199619ba