Back to search
CVE-2001-0990
Published: Feb 2, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.inter7.com/vpopmail/ChangeLog
x_refsource_MISC
vpopmail-insecure-auth-data(7076)
vdb-entry
x_refsource_XF
20010904 BUZ.CH Security Advisory 200109041: Inter7 vpopmail DB pw problem
mailing-list
x_refsource_BUGTRAQ
3284
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now