IlohaMail Insecure Default Installation Information Disclosure Vulnerability
BID:12252
Info
IlohaMail Insecure Default Installation Information Disclosure Vulnerability
| Bugtraq ID: | 12252 |
| Class: | Configuration Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 13 2005 12:00AM |
| Updated: | Jan 13 2005 12:00AM |
| Credit: | <[email protected]> is credited with the discovery of this issue. |
| Vulnerable: |
IlohaMail IlohaMail 0.8.14 RC2 IlohaMail IlohaMail 0.8.14 RC1 IlohaMail IlohaMail 0.8.13 IlohaMail IlohaMail 0.8.12 IlohaMail IlohaMail 0.8.11 IlohaMail IlohaMail 0.8.10 IlohaMail IlohaMail 0.8.9 IlohaMail IlohaMail 0.8.8 IlohaMail IlohaMail 0.8.7 IlohaMail IlohaMail 0.8.6 |
| Not Vulnerable: | |
Discussion
IlohaMail Insecure Default Installation Information Disclosure Vulnerability
An insecure default installation information disclosure issue affects IlohaMail. This issue is due to a failure of the application to install sensitive files securely.
An attacker may leverage this issue to gain access to sensitive information, potentially including user names and passwords. Sensitive information disclosed in this way may lead to a compromise of email accounts and other attacks.
An insecure default installation information disclosure issue affects IlohaMail. This issue is due to a failure of the application to install sensitive files securely.
An attacker may leverage this issue to gain access to sensitive information, potentially including user names and passwords. Sensitive information disclosed in this way may lead to a compromise of email accounts and other attacks.
Exploit / POC
IlohaMail Insecure Default Installation Information Disclosure Vulnerability
No exploit is required to leverage this issue.
No exploit is required to leverage this issue.
Solution / Fix
IlohaMail Insecure Default Installation Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
IlohaMail Insecure Default Installation Information Disclosure Vulnerability
References:
References:
- IlohaMail Homepage (IlohaMail)