Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0332

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0332
Last Modified 05 Sep 2008 04:38:09
Published 23 Nov 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0332

Summary

Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, which allows remote attackers to gain privileges.

Vulnerable Systems

Application

  • Extremail 1.0

  • Extremail 1.0.1

  • Extremail 1.0.2

  • Extremail 1.0.3

  • Extremail 1.1

  • Extremail 1.1.1

  • Extremail 1.1.10

  • Extremail 1.1.2

  • Extremail 1.1.3

  • Extremail 1.1.4

  • Extremail 1.1.5

  • Extremail 1.1.6

  • Extremail 1.1.7

  • Extremail 1.1.8

  • Extremail 1.1.9

  • Extremail 1.5

  • Extremail 1.5.5

  • Extremail 1.5.8

  • Extremail 1.5.9


References

XF - extremail-password-gain-access(15329)

BID - 9754

BUGTRAQ - 20040226 Extremail Security Problem


Last Updated: 27 May 2016 10:38:34