Vulnerabilities > CVE-2000-1100 - Unspecified vulnerability in Trlinux Postaci Webmail 1.1.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Trlinux Postaci Webmail 1.1.3 Password Disclosure Vulnerability. CVE-2000-1100. Remote exploits for multiple platform |
id | EDB-ID:20450 |
last seen | 2016-02-02 |
modified | 2000-11-30 |
published | 2000-11-30 |
reporter | Michael R. Rudel |
source | https://www.exploit-db.com/download/20450/ |
title | Trlinux Postaci Webmail 1.1.3 Password Disclosure Vulnerability |