Vulnerabilities > CVE-2002-0258

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

icewarp

merak

NVD

Published: 2002-05-29

Updated: 2024-11-20

Summary

Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs.

Vulnerable Configurations

Part	Description	Count
Application	Icewarp Icewarp WEB Mail *	1
Application	Merak Merak Mail Server *	1

References

http://marc.info/?l=bugtraq&m=101328887821909&w=2
http://marc.info/?l=bugtraq&m=101328887821909&w=2

Vulnerabilities > CVE-2002-0258 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2002-0258"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2002-0258