Title: Nevrona MiraMail Sensitive File Plain Text Storage Vulnerability
Severity: MODERATE
Description:
MiraMail is an email server program which enables users to post messages to internal users as well as send email messages. All communications sent regarding the same incident/subject are contained within the same thread.
MiraMail stores user's POP account authentication information, user account and group information in miramail.ini file. Due to a design flaw this file is stored in plain text.
Any user with access to the directory in which MiraMail is installed will have access to this file.
Affected Products:
- Nevrona Designs MiraMail 1.0.0 4
References:
- Nevrona Designs: MiraMail Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
