2 matches found
CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
CVE-2021-28374
The CVE-2021-28374 issue affects the Debian courier-authlib package prior to 0.71.1-2 for Courier Authentication Library, which creates /run/courier/authdaemon with weak permissions, enabling an attacker to read user information (potentially including a cleartext password hash). The vulnerability...