Vulnerability CVE-2001-1253


Published: 2001-09-27   Modified: 2012-02-12

Description:
Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users.

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Com2001 -> Alexis server 

 References:
http://www.iss.net/security_center/static/7205.php
http://online.securityfocus.com/archive/1/217200

Copyright 2024, cxsecurity.com

 

Back to Top