CVE-2008-6984
N/A
N/A
Summary
Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, allows remote attackers to bypass authentication and send spam e-mail via a message with (1) a base64-encoded username that begins with a valid shortname, or (2) a username that matches a valid password, as demonstrated using (a) SMTP and qmail, and (b) Courier IMAP and POP3.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id?1020801
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44856
- http://www.securityfocus.com/bid/30956
- http://www.securityfocus.com/archive/1/495881
- http://www.osvdb.org/51652
References
- http://www.securitytracker.com/id?1020801
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44856
- http://www.securityfocus.com/bid/30956
- http://www.securityfocus.com/archive/1/495881
- http://www.osvdb.org/51652
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.