Info

Last Modified

about 1 year ago

Percent Complete

10%

Disclosure

May 09, 2005

Discovery

Unknown

Dates

Exploit

May 09, 2005

Solution

Unknown

This Entry needs help! It is only 10% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Keywords

EXPL-A-2005-007 exploitlabs.com Advisory 036

Description

(Description Provided by CVE) : H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in plaintext in world-readable log files, which allows local users to gain privileges.

Classification

Attack Type: Cryptographic, Information Disclosure

Products

Unknown or Incomplete

References

Bugtraq ID: 13559
Secunia Advisory ID: 15287
CVE ID: 2005-1606 (see also: NVD)
ISS X-Force ID: 20522
Keyword: EXPL-A-2005-007 exploitlabs.com Advisory 036
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0137.html
Other Advisory URL: http://exploitlabs.com/files/advisories/EXPL-A-2005-007-hsphere.txt
Vendor Specific Solution URL: http://www.psoft.net/misc/hsphere_winbox_security_update_passwd.html
Vendor URL: https://www.psoft.net/

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches