CVE-1999-1236 - OpenCVE

Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
True North	Internet Anywhere Mail Server

Configuration 1 [-]

OR	cpe:2.3:a:true_north:internet_anywhere_mail_server:2.3.1:::::::*
	cpe:2.3:a:true_north:internet_anywhere_mail_server:3.1:::::::*

References

Link	Resource
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9910&L=ntbugtraq&F=&S=&P=662	Exploit Vendor Advisory
http://www.securityfocus.com/bid/731	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/3285

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2001-09-12T04:00:00

Updated: 2017-12-18T21:57:01

Reserved: 2001-08-31T00:00:00

Link: CVE-1999-1236

JSON object: View

NVD Information

Status : Modified

Published: 1999-10-01T04:00:00.000

Modified: 2017-12-19T02:29:04.677

Link: CVE-1999-1236

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "1999-10-01T00:00:00", "descriptions": [{"lang": "en", "value": "Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "iams-passwords-plaintext(3285)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3285"}, {"name": "19991001 Vulnerabilities in the Internet Anywhere Mail Server", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ"], "url": "http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9910&L=ntbugtraq&F=&S=&P=662"}, {"name": "731", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/731"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1236", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "iams-passwords-plaintext(3285)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3285"}, {"name": "19991001 Vulnerabilities in the Internet Anywhere Mail Server", "refsource": "NTBUGTRAQ", "url": "http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9910&L=ntbugtraq&F=&S=&P=662"}, {"name": "731", "refsource": "BID", "url": "http://www.securityfocus.com/bid/731"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1236", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2017-12-18T21:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}