CVE-2004-2049

Properties

Published:
30.12.2004
Updated:
20.10.2005
Patch available:
Severity:
Medium
CVSS vector:
(AV:L/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
eSeSIX: Thintune M

Vulnerability description

eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.

References:

BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109068491801021&w=2
BID: http://www.securityfocus.com/bid/10794
SECUNIA: http://secunia.com/advisories/12154
XF: http://xforce.iss.net/xforce/xfdb/16795
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109068491801021&w=2
OSVDB: http://www.osvdb.org/8247
SECTRACK: http://securitytracker.com/id?1010770