First published: Sat Jan 14 2006(Updated: )
Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Kolab Kolab Groupware Server | =2.0.2 | |
Kolab Kolab Groupware Server | <=2005-12-15_pre2.1 | |
Kolab Kolab Groupware Server | =2.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.