CVE-2005-1516

2005-05-1104:00:00

mitre

www.cve.org

AI Score

6.9

Confidence

Low

EPSS

0.008

Percentile

82.0%

JSON

DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shutdown the system via a sendlog command with an incorrect password hash, which is not properly handled by the _cmd_sendlog function.

References

secunia.com/advisories/15242

www.security.org.sg/vuln/dmail31a.html

www.securityfocus.com/bid/13497

exchange.xforce.ibmcloud.com/vulnerabilities/20412