Xbiff 2 Insecure Permissions Information Disclosure Vulnerability

Xbiff 2 is prone to an information-disclosure vulnerability due to insecure file permissions.

A successful attack can allow a local attacker to retrieve credentials and potentially gain access to a user's mail. This could lead to other attacks as well.

Xbiff 2 version 1.9 for Linux is reportedly vulnerable; other versions may be affected as well.


 

Privacy Statement
Copyright 2010, SecurityFocus