4.6

CVE-2006-0213

Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
KolabKolab Groupware Server Version <= 2005-12-15_pre2.1
KolabKolab Groupware Server Version2.0.1
KolabKolab Groupware Server Version2.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.26
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://kolab.org/security/kolab-vendor-notice-08.txt
Patch
Vendor Advisory
http://secunia.com/advisories/18438
Patch
Vendor Advisory
http://www.osvdb.org/22381
http://www.vupen.com/english/advisories/2006/0186
https://exchange.xforce.ibmcloud.com/vulnerabilities/24123