PT-2003-2297 · Gabber · Gabber
Publicado
2003-12-31
·
Atualizado
2017-07-29
·
CVE-2003-1352
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Gabber version 0.8.7
Description
The issue allows remote attackers to obtain user session activity and the Gabber version number by sniffing, as Gabber sends an email to a specific address during user login and logout.
Recommendations
For Gabber version 0.8.7, consider restricting or disabling the email sending feature during user login and logout as a temporary workaround until a patch is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gabber