CVE-2006-3896

Sažetak

The NeoScale Systems CryptoStor 700 series appliance before 2.6 relies on client-side ActiveX code for smartcard authentication, which allows remote attackers to bypass smartcard authentication, and gain access if able to present a valid username and password, by disabling ActiveX.

Reference

http://secunia.com/advisories/23430
http://securitytracker.com/id?1017396
http://www.kb.cert.org/vuls/id/339004
http://www.securityfocus.com/bid/21652
http://www.vupen.com/english/advisories/2006/5063

CVSS

Base:	4.9
Impact:	6.4
Exploitability:	4.4

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:A/AC:M/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-03-2011 - 02:39

Objavljeno

19-12-2006 - 19:28