Courier Mail Server < 0.52.2 Deactivated Account Authentication Bypass

Nessus Network Monitor Plugin ID 3322 (Severity: High)

Synopsis

The remote host may allow deactivated users to access their accounts using their old credentials.

Description

The remote host is running Courier Mail Server, an open source mail server for Linux and Unix. The installed version of Courier has a bug in the way it handles deactivated accounts: versions earlier than 0.52.2 still allow a deactivated account to authenticate and be used. An attacker would need the deactivated account's credentials in order to exploit this flaw.

Solution

Upgrade to Courier Mail Server 0.52.2 or higher.

See Also

http://www.courier-mta.org

Plugin Details

Severity: High

ID: 3322

Family: SMTP Servers

Published: 12/8/2005

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:X

Vulnerability Information

CPE: cpe:/a:double_precision_incorporated:courier_mail_server

Reference Information

CVE: CVE-2005-3532

BID: 15771