Unrated severityNVD Advisory· Published May 5, 2004· Updated Apr 16, 2026

CVE-2004-1997

Description

Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.

Affected products

Kolab/Kolab Groupware Server7 versions
cpe:2.3:a:kolab:kolab_groupware_server:1.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:kolab:kolab_groupware_server:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:kolab:kolab_groupware_server:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:kolab:kolab_groupware_server:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:kolab:kolab_groupware_server:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:kolab:kolab_groupware_server:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:kolab:kolab_groupware_server:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:kolab:kolab_groupware_server:1.0.8:*:*:*:*:*:*:*
OpenPKG/Openpkg
cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/10277nvdPatchVendor Advisory
secunia.com/advisories/11560nvdExploitPatchVendor Advisory
www.kolab.org/pipermail/kolab-users/2004-April/000215.htmlnvdExploitVendor Advisory
marc.infonvd
www.erfrakon.de/projects/kolab/download/kolab-server-1.0/src/Changelognvd
www.mandriva.com/security/advisoriesnvd
www.osvdb.org/5898nvd
exchange.xforce.ibmcloud.com/vulnerabilities/16068nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000