28 Mar
2019
28 Mar
'19
4:44 p.m.
On 3/28/2019 10:40 AM, Aki Tuomi wrote:
check for fts in mail_plugins. pop3-uidl is used by pop3_migration plugin.
Sorry if I'm dense but can you be more specific? Are you talking about checking conf files or binary files?
For example, does the existence of /usr/local/lib/dovecot/lib20_fts_plugin.so imply an exploitable situation?
Are their settings in a conf file that disable those plugins?
Regards,
KAM