Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

Gentoo GLSA 200804-24 Important: DBMail Authentication Vulnerability Alert

gentoo
Calendar Grey April 19, 2008
Scroller Gentoo Esm H88
Gentoo GLSA 202303-15: MyApp has exposure to unauthorized access due to setup errors. Severity: Medium. Update advised.
A vulnerability in DBMail could allow for passwordless login to any account under certain configurations.

Summary

Gentoo Linux Security Advisory GLSA 200804-24 https://security.gentoo.org/ Severity: Low Title: DBmail: Data disclosure Date: April 18, 2008 Bugs: #218154 ID: 200804-24

Synopsis ======= A vulnerability in DBMail could allow for passwordless login to any account under certain configurations.
Background ========= DBMail is a mail storage and retrieval daemon that uses SQL databases as its data store. IMAP and POP3 can be used to retrieve mails from the database.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-mail/dbmail < 2.2.9 >= 2.2.9
========== A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround