|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
|
Description |
Adobe Contribute Publishing Server contains a flaw that may lead to an unauthorized password exposure. It is possible to gain administrator access by accessing plaintext passwords that are stored in the "installvariables.properties" log file. This file is created during the installation process.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Cryptographic,
Information Disclosure
Impact:
Loss of Confidentiality
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Immediately after installation, change all default install passwords to a unique and secure password. When possible, change default accounts to custom names as well.
As well to remove the file:
Browse to the Contribute Publishing Server installation location and remove the installvariables.properties file from the 'UninstallerData' (Windows) or 'Uninstall Macromedia Contribute Publishing Server' directory.
|
|
Products |
|
Contribute Publishing Server
 |
1.x |
|
|
|
|
|
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
