CVE-2004-2049

Sažetak

eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.

Reference

http://marc.info/?l=bugtraq&m=109068491801021&w=2
http://secunia.com/advisories/12154
http://securitytracker.com/id?1010770
http://www.osvdb.org/8247
http://www.securityfocus.com/bid/10794
https://exchange.xforce.ibmcloud.com/vulnerabilities/16795

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:31

Objavljeno

31-12-2004 - 05:00