Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and previous versions, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kolab kolab groupware server 2.0.1 |
||
kolab kolab groupware server 2.0.2 |
||
kolab kolab groupware server |