Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3429


Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3429
Last Modified 07 Mar 2011 09:26:31
Published 02 Nov 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Rockliffe MailSite Express before 6.1.22, with the option to save login information enabled, saves user passwords in plaintext in cookies, which allows local users to obtain passwords by reading the cookie file, or remote attackers to obtain the cookies via cross-site scripting (XSS) vulnerabilities.

Vulnerable Systems


  • Rockliffe Mailsite Express 6.1.20

  • Rockliffe Mailsite Express 6.1.21



FULLDISC - 20051028 Multiple vulnerabilities within RockLiffe MailSite Express WebMail

XF - mailsiteexpress-cookie-plaintext-password(22906)

SECTRACK - 1015117

OSVDB - 22682

Last Updated: 27 May 2016 10:40:56