Lucene search

[email protected]CVE-2001-0104

HistoryFeb 12, 2001 - 5:00 a.m.

CVE-2001-0104

2001-02-1205:00:00

[email protected]

web.nvd.nist.gov

mdaemon

pro 3.5.1

security setting

bypass

lock server

cve-2001-0104

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

MDaemon Pro 3.5.1 and earlier allows local users to bypass the “lock server” security setting by pressing the Cancel button at the password prompt, then pressing the enter key.

Affected configurations

NVD

Node

alt-nmdaemonMatch3.5.1

CPENameOperatorVersion
alt-n:mdaemonalt-n mdaemoneq3.5.1

CPE	Name	Operator	Version
alt-n:mdaemon	alt-n mdaemon	eq	3.5.1

References

www.securityfocus.com/archive/1/151156

www.securityfocus.com/bid/2115

exchange.xforce.ibmcloud.com/vulnerabilities/5763

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0104

cvelist1 nvd1