Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.16 views

Debian Security Advisory DSA 917-1 (courier)

The remote host is missing an update to courier announced via advisory DSA 917-1. Patrick Cheong Shu Yang discovered that courier-authdaemon, the authentication daemon of the Courier Mail Server, grants access to accounts that are already deactivated. For the old stable distribution woody this...

7.5CVSS0.5AI score0.01582EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/21 12:0 a.m.20 views

Ubuntu 4.10 / 5.04 / 5.10 : courier vulnerability (USN-226-1)

Patrick Cheong Shu Yang discovered a flaw in the user account handling of courier-authdaemon. After successful authorization, the Courier mail server granted access to deactivated accounts. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...

7.5CVSS5.4AI score0.01582EPSS
Exploits0References1
OSV
OSV
added 2005/12/11 1:3 a.m.4 views

CVE-2005-3532

authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pamtally, does not call the pamacctmgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled...

6.4AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2005/12/11 1:3 a.m.17 views

CVE-2005-3532

authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pamtally, does not call the pamacctmgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled...

7.5CVSS5.8AI score0.01582EPSS
Exploits0References2
CVE
CVE
added 2005/12/11 1:0 a.m.67 views

CVE-2005-3532

The CVE-2005-3532 issue affects courier-authdaemon (Courier Mail Server) versions 0.37.3 through 0.52.1, where authentication using pam_tally does not invoke pam_acct_mgmt to verify account status. This allows authentication to succeed for accounts that have been disabled. The vulnerability is do...

7.5CVSS6.4AI score0.01582EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2005/12/11 1:0 a.m.19 views

CVE-2005-3532

authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pamtally, does not call the pamacctmgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled...

6.3AI score0.01582EPSS
Exploits0References7
Debian
Debian
added 2005/12/08 10:26 a.m.22 views

[SECURITY] [DSA 917-1] New courier packages fix unauthorised access

-------------------------------------------------------------------------- Debian Security Advisory DSA 917-1 [email protected] http://www.debian.org/security/ Martin Schulze December 8th, 2005 http://www.debian.org/security/faq -...

7.5CVSS0.2AI score0.01582EPSS
Exploits0
Debian
Debian
added 2005/12/08 10:26 a.m.21 views

[SECURITY] [DSA 917-1] New courier packages fix unauthorised access

-------------------------------------------------------------------------- Debian Security Advisory DSA 917-1 [email protected] http://www.debian.org/security/ Martin Schulze December 8th, 2005 http://www.debian.org/security/faq -...

7.5CVSS6.1AI score0.01582EPSS
Exploits0
Rows per page
Query Builder