CVE-2021-28374 in Canonical and Debian Products
Published on March 15, 2021

The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash).

NVD

Products Associated with CVE-2021-28374

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-28374 are published in these products:

Canonical Courier Authlib

Debian Courier Authlib

Debian Linux

Exploit Probability

EPSS

0.29%

Percentile

51.78%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-28374 in Canonical and Debian ProductsPublished on March 15, 2021

Products Associated with CVE-2021-28374

Exploit Probability

CVE-2021-28374 in Canonical and Debian Products
Published on March 15, 2021