PT-2006-3658 · Open Xchange · Open-Xchange

Cemil Degirmenci

Published

2006-06-01

Updated

2018-10-18

CVE-2006-2738

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Open-Xchange versions 0.8.2 and earlier

Description The issue allows remote attackers to access any server where the default username and password have not been changed, due to the use of a static default username and password with a valid login shell in the initfile for the ldap-server.

Recommendations For Open-Xchange versions 0.8.2 and earlier, change the default username and password to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2738

Affected Products

Open-Xchange

PT-2006-3658 · Open Xchange · Open-Xchange

CVE-2006-2738

Related Identifiers

Affected Products

References · 10