8 matches found
Debian Security Advisory DSA 917-1 (courier)
The remote host is missing an update to courier announced via advisory DSA 917-1. Patrick Cheong Shu Yang discovered that courier-authdaemon, the authentication daemon of the Courier Mail Server, grants access to accounts that are already deactivated. For the old stable distribution woody this...
Ubuntu 4.10 / 5.04 / 5.10 : courier vulnerability (USN-226-1)
Patrick Cheong Shu Yang discovered a flaw in the user account handling of courier-authdaemon. After successful authorization, the Courier mail server granted access to deactivated accounts. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...
CVE-2005-3532
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pamtally, does not call the pamacctmgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled...
CVE-2005-3532
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pamtally, does not call the pamacctmgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled...
CVE-2005-3532
The CVE-2005-3532 issue affects courier-authdaemon (Courier Mail Server) versions 0.37.3 through 0.52.1, where authentication using pam_tally does not invoke pam_acct_mgmt to verify account status. This allows authentication to succeed for accounts that have been disabled. The vulnerability is do...
CVE-2005-3532
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pamtally, does not call the pamacctmgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled...
[SECURITY] [DSA 917-1] New courier packages fix unauthorised access
-------------------------------------------------------------------------- Debian Security Advisory DSA 917-1 [email protected] http://www.debian.org/security/ Martin Schulze December 8th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 917-1] New courier packages fix unauthorised access
-------------------------------------------------------------------------- Debian Security Advisory DSA 917-1 [email protected] http://www.debian.org/security/ Martin Schulze December 8th, 2005 http://www.debian.org/security/faq -...