Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0065

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-0065
Last Modified 10 Sep 2008 03:11:14
Published 22 Apr 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0065

Summary

Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.

Vulnerable Systems

Application

  • Bindview Netrc 1.0

  • Bindview Netrc 3.06

  • Funk Software Proxy 3.0

  • Funk Software Proxy 3.06

  • Funk Software Proxy 3.09

  • Funk Software Proxy 3.09a


References

BINDVIEW - 20020408 Unauthorized remote control access to systems running Funk Software's Proxy v3.x

BID - 4459

XF - funk-proxy-weak-password(8792)


Last Updated: 27 May 2016 10:36:46