Vulnerabilities > CVE-2006-2346 - Authentication Bypass vulnerability in Inter7 Vpopmail
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |