Vulnerability Details CVE-2006-0213
Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.7%
CVSS Severity
CVSS v2 Score 4.6
References
- http://kolab.org/security/kolab-vendor-notice-08.txt
- http://secunia.com/advisories/18438
- http://www.osvdb.org/22381
- http://www.vupen.com/english/advisories/2006/0186
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24123
- http://kolab.org/security/kolab-vendor-notice-08.txt
- http://secunia.com/advisories/18438
- http://www.osvdb.org/22381
- http://www.vupen.com/english/advisories/2006/0186
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24123
Products affected by CVE-2006-0213
-
cpe:2.3:a:kolab:kolab_groupware_server:*
-
cpe:2.3:a:kolab:kolab_groupware_server:2.0.1
-
cpe:2.3:a:kolab:kolab_groupware_server:2.0.2