Описание
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:inter7:vpopmail:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.4:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.5:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.7:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.8:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.9:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.10:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.11:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:3.4.11e:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:4.5:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:4.6:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:4.7:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:4.8:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:4.9:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail:4.9.10:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
EPSS
Процентиль: 21%
0.00069
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other