Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0258


Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0258
Last Modified 05 Sep 2008 04:27:34
Published 29 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs.

Vulnerable Systems


  • Icewarp Web Mail

  • Merak Mail Server


BUGTRAQ - 20020209 Security Issue in Icewarp

Last Updated: 27 May 2016 10:36:50