Kolab: >> Kolab Groupware Server >> 2.0.1 Security Vulnerabilities
Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2006-01-14
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this issue crosses privilege boundaries, so this might not be a vulnerability.
CVSS Score
6.4
EPSS Score
0.004
Published
2005-12-31