漏洞信息详情

Internet Anywhere Mail Server明文密码漏洞

• CNNVD编号：CNNVD-199910-006
• 危害等级： 中危
  
• CVE编号： CVE-1999-1236
• 漏洞类型： 设计错误
• 发布时间： 1999-10-01
• 威胁类型： 本地
• 更新时间： 2005-10-20
• 厂        商： true_north
• 漏洞来源： Discovered and pos...

漏洞简介

Internet Anywhere Mail Server 2.3.1版本将密码以明文形式存储在msgboxes.dbf文件中，本地用户通过从msgboxes.dbf中提取密码获得特权。

漏洞公告

Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]. True North Software has stated that this will be fixed in the next major release of IAMS.

参考网址

来源: XF 名称: iams-passwords-plaintext(3285) 链接:http://xforce.iss.net/static/3285.php 来源: BID 名称: 731 链接:http://www.securityfocus.com/bid/731 来源: NTBUGTRAQ 名称: 19991001 Vulnerabilities in the Internet Anywhere Mail Server 链接:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9910&L=ntbugtraq&F=&S=&P=662

受影响实体

• True_north Internet_anywhere_mail_server:3.1  
• True_north Internet_anywhere_mail_server:2.3.1  

补丁

暂无