Back to search
CVE-2002-1676
Published: Jun 21, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3957
vdb-entry
x_refsource_BID
20020213 RE: BindView NetInventory NetRC hostcfg_ni password passed in cle ar text
mailing-list
x_refsource_BUGTRAQ
bindview-netinventory-plaintext-password(7992)
vdb-entry
x_refsource_XF
20020124 BindView NetInventory NetRC hostcfg_ni password passed in clear t ext
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now