Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1254


Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1254
Last Modified 10 Sep 2008 03:10:03
Published 27 Sep 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing.

Vulnerable Systems


  • Com2001 Alexis Server 2.0

  • Com2001 Alexis Server 2.1


BUGTRAQ - 20010927 Two problems with Alexis/InternetPBX from COM2001

BID - 3373

Last Updated: 27 May 2016 10:36:36