World Readable Permissions on /.inlook/.crypt File in inlook 0.7.3 and Earlier: Local User Credential Disclosure Vulnerability

World Readable Permissions on /.inlook/.crypt File in inlook 0.7.3 and Earlier: Local User Credential Disclosure Vulnerability

CVE-2004-2337 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials.

Learn more about our User Device Pen Test.