This host has Dovecot ACL Plugin installed and is prone to multiple security bypass vulnerabilities.
Successful attack could allow malicious people to bypass certain security restrictions or manipulate certain data. Impact Level: Application
Upgrade to Dovecot version 1.1.4 http://www.dovecot.org/download.html
The flaws are due to, - the ACL plugin interprets negative access rights as positive access rights, potentially giving an unprivileged user access to restricted resources. - an error in the ACL plugin when imposing mailbox creation restrictions to to create parent/child/child mailboxes.
Dovecot versions prior to 1.1.4 on Linux