Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1366

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-1999-1366
Last Modified 05 Sep 2008 04:19:21
Published 15 May 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1366

Summary

Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.

Vulnerable Systems

Application

  • David Harris Pegasus Mail 3.0


References

BUGTRAQ - 19990515 Pegasus Mail weak encryption


Last Updated: 27 May 2016 10:35:24