CVE-2013-4114

Published: Aug 16, 2013

Modified: Sep 16, 2024

PUBLISHED

Description

The automatic update request in Nagstamont before 0.9.10 uses a cleartext base64 format for transmission of a username and password, which allows remote attackers to obtain sensitive information by sniffing the network.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20130711 Re: CVE Request -- Nagstamon (prior 0.9.10): Monitor server user credentials exposure in automated requests to get update information

mailing-list

x_refsource_MLIST

54072

third-party-advisory

x_refsource_SECUNIA

https://bugs.gentoo.org/show_bug.cgi?id=476538

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=983673

x_refsource_CONFIRM

http://nagstamon.ifw-dresden.de/docs/security/

x_refsource_CONFIRM

openSUSE-SU-2013:1235

vendor-advisory

x_refsource_SUSE

54276

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4114

Description

Affected Products

References