CVE-2006-0213
https://notcve.org/view.php?id=CVE-2006-0213
Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges. • http://kolab.org/security/kolab-vendor-notice-08.txt http://secunia.com/advisories/18438 http://www.osvdb.org/22381 http://www.vupen.com/english/advisories/2006/0186 https://exchange.xforce.ibmcloud.com/vulnerabilities/24123 •
CVE-2004-1997
https://notcve.org/view.php?id=CVE-2004-1997
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges. • http://marc.info/?l=bugtraq&m=108377525924422&w=2 http://secunia.com/advisories/11560 http://www.erfrakon.de/projects/kolab/download/kolab-server-1.0/src/Changelog http://www.kolab.org/pipermail/kolab-users/2004-April/000215.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:052 http://www.osvdb.org/5898 http://www.securityfocus.com/bid/10277 https://exchange.xforce.ibmcloud.com/vulnerabilities/16068 •