CVE-2005-0322
published 2005-05-02CVE-2005-0322: MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2)…
PriorityP417high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.24%
15.0th percentile
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2) settings.cfg, (3) users.dat or (4) user.dat files, which allows local users to extract the passwords.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| icewarp | web_mail | — | — |
| icewarp | web_mail | — | — |
| merak | mail_server | — | — |
| merak | mail_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2005-05-02
Published