Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0213

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-0213
Last Modified 07 Mar 2011 09:29:35
Published 13 Jan 2006 08:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0213

Summary

Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.

Vulnerable Systems

Application

  • Kolab Groupware Server 2.0.1

  • Kolab Groupware Server 2.0.2

  • Kolab Groupware Server 2005-12-15 Pre2.1


References

SECUNIA - 18438

CONFIRM - http://kolab.org/security/kolab-vendor-notice-08.txt

VUPEN - ADV-2006-0186

XF - kolab-smtp-logging(24123)

OSVDB - 22381


Last Updated: 27 May 2016 10:41:34