Transware · Transware Active! Mail · CVE-2013-2302
**Name of the Vulnerable Software and Affected Versions**
TransWARE Active! mail version 6
**Description**
The issue allows local users to obtain sensitive information belonging to arbitrary users by leveraging shell access. This can be demonstrated by a TELNET or SSH session to the server.
**Recommendations**
For TransWARE Active! mail version 6, consider restricting shell access to the server to minimize the risk of exploitation. As a temporary workaround, limit the use of external public interfaces until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.