Unrated severityNVD Advisory· Published Sep 4, 2001· Updated Apr 16, 2026
CVE-2001-0990
CVE-2001-0990
Description
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
Affected products
19cpe:2.3:a:inter7:vpopmail:3.4.1:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:inter7:vpopmail:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.11e:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:3.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:4.8:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:4.9:*:*:*:*:*:*:*
- cpe:2.3:a:inter7:vpopmail:4.9.10:*:*:*:*:*:*:*
- (no CPE)range: <=4.10.35
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.securityfocus.com/archive/1/212036nvdPatchVendor Advisory
- www.securityfocus.com/bid/3284nvdVendor Advisory
- www.inter7.com/vpopmail/ChangeLognvd
- exchange.xforce.ibmcloud.com/vulnerabilities/7076nvd
News mentions
0No linked articles in our index yet.