RSS   Vulnerabilities for 'Plesk'   RSS

2009-08-19
 
CVE-2008-6984

 

 
Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, allows remote attackers to bypass authentication and send spam e-mail via a message with (1) a base64-encoded username that begins with a valid shortname, or (2) a username that matches a valid password, as demonstrated using (a) SMTP and qmail, and (b) Courier IMAP and POP3.

 

 >>> Vendor: Parallels 11 Products
H-sphere
Plesk
Confixx
Parallels desktop
Virtuozzo containers
Parallels virtuozzo
Parallels plesk panel
Parallels plesk small business panel
Parallels small business panel
Remote application server
Parallels


Copyright 2024, cxsecurity.com

 

Back to Top