CVE Vulnerabilities

CVE-2004-2337

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials.

Affected Software

Name Vendor Start Version End Version
Inlook Inlook 0.6.0 0.6.0
Inlook Inlook 0.6.1 0.6.1
Inlook Inlook 0.6.2 0.6.2
Inlook Inlook 0.6.3 0.6.3
Inlook Inlook 0.6.4 0.6.4
Inlook Inlook 0.6.5 0.6.5
Inlook Inlook 0.6.6 0.6.6
Inlook Inlook 0.6.7 0.6.7
Inlook Inlook 0.6.8 0.6.8
Inlook Inlook 0.6.9 0.6.9
Inlook Inlook 0.6.10.0 0.6.10.0
Inlook Inlook 0.6.11 0.6.11
Inlook Inlook 0.6.12 0.6.12
Inlook Inlook 0.6.13 0.6.13
Inlook Inlook 0.6.14 0.6.14
Inlook Inlook 0.7.0 0.7.0
Inlook Inlook 0.7.1 0.7.1
Inlook Inlook 0.7.2 0.7.2
Inlook Inlook 0.7.3 0.7.3

References