Authentication Bypass in Cobalt RaQ3 Servers by Cobalt Networks
CVE-2001-1075

Currently unrated

Key Information:

Vendor: Oracle
Status: Cobalt Raq 3i
Vendor: CVE Published:; 4 July 2001

Summary

An issue in the poprelayd script of Cobalt RaQ3 servers enables remote attackers to exploit authentication mechanisms. By manipulating the 'POP login by user' string with the attacker's IP address, unauthorized relaying of mails can be achieved, compromising the integrity of the mail system and potentially exposing sensitive information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/6806

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/2986

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/bugtraq/2001-07/00...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Jul 4, 2001