eXtremail Authentication Bypass Vulnerability

eXtremail has been reported prone to an authentication bypass vulnerability. The issue will only present itself under certain circumstances. Specifically, if an account is created and the password associated with that account consists of a single digit, or the password begins with a digit, then an attacker may use this account to access the service without supplying any password.


Privacy Statement
Copyright 2010, SecurityFocus