Family: Misc. --> Category: infos
Sambar Transmits Passwords in PlainText Vulnerability Scan
Vulnerability Scan Summary
Makes sure that Sambar runs on top of SSL
Detailed Explanation for this Vulnerability Test
The remote Sambar server allows user to log in without using SSL.
A possible hacker with a sniffer on the way between a user's host and
this server may use this flaw to capture the password of the
users of this server.
With the password, he could then be able to access the webmail
accounts and modify the webpages on behalf of its victim.
Solution : Use Sambar on top of SSL
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.