Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-3532HistoryDec 11, 2005 - 1:03 a.m.
CVE-2005-3532
2005-12-1101:03:00
Debian Security Bug Tracker
security-tracker.debian.org
7
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.0%
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | courier | < 0.47-12 | courier_0.47-12_all.deb |
| Debian | 11 | all | courier | < 0.47-12 | courier_0.47-12_all.deb |
| Debian | 999 | all | courier | < 0.47-12 | courier_0.47-12_all.deb |
Related
nessus
nessus
Ubuntu 4.10 / 5.04 / 5.10 : courier vulnerability (USN-226-1)
2006-01-21 00:00:00
Debian DSA-917-1 : courier - programming error
2006-10-14 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-917-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 917-1 (courier)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2005-3532
2005-12-11 01:00:00
ubuntu
ubuntu
Courier vulnerability
2005-12-10 00:00:00
debian
debian
[SECURITY] [DSA 917-1] New courier packages fix unauthorised access
2005-12-08 10:26:15
[SECURITY] [DSA 917-1] New courier packages fix unauthorised access
2005-12-08 10:26:15
osv
osv
courier - programming error
2005-12-08 00:00:00
nvd
nvd
CVE-2005-3532
2005-12-11 01:03:00
cve
cve
CVE-2005-3532
2005-12-11 01:03:00
ubuntucve
ubuntucve
CVE-2005-3532
2005-12-11 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.0%
Related for DEBIANCVE:CVE-2005-3532