Vulnerability Description
Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Com2001 | Alexis Server | 2.0 |
References
- http://online.securityfocus.com/archive/1/217200PatchVendor Advisory
- http://www.iss.net/security_center/static/7205.phpPatchVendor Advisory
- http://online.securityfocus.com/archive/1/217200PatchVendor Advisory
- http://www.iss.net/security_center/static/7205.phpPatchVendor Advisory
FAQ
What is CVE-2001-1253?
CVE-2001-1253 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users.
How severe is CVE-2001-1253?
CVE-2001-1253 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1253?
Check the references section above for vendor advisories and patch information. Affected products include: Com2001 Alexis Server.