← Back

Kolab Groupware Server

kolab_groupware_server

Vendor: Kolab • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-4165
1Kolab
1Kolab Groupware Server
Apr 23, 2026
Sep 22, 2008
N/A· v4
N/A· v3
4.0 MEDIUM· v2
admin/user/create_user.php in Kolab Groupware Server 1.0.0 places a user password in an HTTP GET request, which allows local administrators, and possibly remote attackers, to obtain cleartext passwords by reading the ssl...Show more
admin/user/create_user.php in Kolab Groupware Server 1.0.0 places a user password in an HTTP GET request, which allows local administrators, and possibly remote attackers, to obtain cleartext passwords by reading the ssl_access_log file or the referer string.Show less
CVE-2006-0213
1Kolab
1Kolab Groupware Server
Apr 16, 2026
Jan 14, 2006
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users...Show more
Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.Show less
CVE-2005-4828
1Kolab
1Kolab Groupware Server
Apr 16, 2026
Dec 31, 2005
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE:...Show more
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this issue crosses privilege boundaries, so this might not be a vulnerability.Show less
CVE-2004-1997
2Kolab
Openpkg
2Kolab Groupware Server
Openpkg
Apr 16, 2026
May 5, 2004
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.