CVE-2001-1254 Information

Description

Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server which could allow remote attackers to steal the passwords via sniffing.

Reference

http://online.securityfocus.com/archive/1/217200 http://www.securityfocus.com/bid/3373