CVE-2004-2337 Information

Description

The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions which allows local users to obtain user POP3 credentials.

Reference

http://secunia.com/advisories/10752/ http://www.osvdb.org/3771 http://www.securityfocus.com/bid/9527 https://exchange.xforce.ibmcloud.com/vulnerabilities/14990 https://sourceforge.net/project/shownotes.php?release_id=213427