PT-2004-2830 · Citadel · Citadel/Ux

Published

2004-04-12

Updated

2017-07-11

CVE-2004-1933

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Citadel/UX versions 5.00 through 6.14

Description The issue allows local users to bypass access controls and read unauthorized messages due to the database directory and files being installed with world-read permissions.

Recommendations For Citadel/UX versions 5.00 through 6.14, change the permissions of the database directory and files to restrict access and prevent unauthorized reading of messages.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1933

Affected Products

Citadel/Ux

PT-2004-2830 · Citadel · Citadel/Ux

CVE-2004-1933

Related Identifiers

Affected Products

References · 4