CVE-2005-1606

Опубликовано: 16 мая 2005

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in plaintext in world-readable log files, which allows local users to gain privileges.

Ссылки

http://exploitlabs.com/files/advisories/EXPL-A-2005-007-hsphere.txt
Exploit
Patch
http://secunia.com/advisories/15287
Patch
http://www.osvdb.org/16239
http://www.psoft.net/misc/hsphere_winbox_security_update_passwd.html
Patch
http://www.securityfocus.com/bid/13559
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/20522
http://exploitlabs.com/files/advisories/EXPL-A-2005-007-hsphere.txt
Exploit
Patch
http://secunia.com/advisories/15287
Patch
http://www.osvdb.org/16239
http://www.psoft.net/misc/hsphere_winbox_security_update_passwd.html
Patch
http://www.securityfocus.com/bid/13559
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/20522

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:positive_software:h-sphere_winbox:2.4.2_patch_4:*:*:*:*:*:*:*

cpe:2.3:a:positive_software:h-sphere_winbox:2.4.3_rc1:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00333

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rwgf-rvq6-pgcm

github

почти 4 года назад