PT-2004-1486 · Extremail · Extremail
Andrey Smirnov
·
Published
2004-03-18
·
Updated
2017-07-11
·
CVE-2004-0332
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Extremail version 1.5.9
Description
The issue allows remote attackers to gain privileges due to incorrect password checking when passwords are all digits or begin with a digit.
Recommendations
For Extremail version 1.5.9, update to a version that correctly checks passwords to prevent remote attackers from gaining privileges. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Extremail