First published: Tue Sep 04 2001(Updated: )
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Inter7 Vpopmail | =3.4.1 | |
Inter7 Vpopmail | =3.4.11e | |
Inter7 Vpopmail | =3.4.6 | |
Inter7 Vpopmail | =3.4.5 | |
Inter7 Vpopmail | =4.7 | |
Inter7 Vpopmail | =4.9.10 | |
Inter7 Vpopmail | =3.4.10 | |
Inter7 Vpopmail | =4.6 | |
Inter7 Vpopmail | =3.4.7 | |
Inter7 Vpopmail | =4.5 | |
Inter7 Vpopmail | =3.4.11 | |
Inter7 Vpopmail | =4.8 | |
Inter7 Vpopmail | =3.4.2 | |
Inter7 Vpopmail | =3.4.9 | |
Inter7 Vpopmail | =3.4.8 | |
Inter7 Vpopmail | =4.9 | |
Inter7 Vpopmail | =3.4.3 | |
Inter7 Vpopmail | =3.4.4 | |
Inter7 vpopmail | =3.4.1 | |
Inter7 vpopmail | =3.4.2 | |
Inter7 vpopmail | =3.4.3 | |
Inter7 vpopmail | =3.4.4 | |
Inter7 vpopmail | =3.4.5 | |
Inter7 vpopmail | =3.4.6 | |
Inter7 vpopmail | =3.4.7 | |
Inter7 vpopmail | =3.4.8 | |
Inter7 vpopmail | =3.4.9 | |
Inter7 vpopmail | =3.4.10 | |
Inter7 vpopmail | =3.4.11 | |
Inter7 vpopmail | =3.4.11e | |
Inter7 vpopmail | =4.5 | |
Inter7 vpopmail | =4.6 | |
Inter7 vpopmail | =4.7 | |
Inter7 vpopmail | =4.8 | |
Inter7 vpopmail | =4.9 | |
Inter7 vpopmail | =4.9.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.