Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2162

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2002-2162
Last Modified 05 Sep 2008 04:32:29
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-2162

Summary

Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.

Vulnerable Systems

Application

  • Cerulean Studios Trillian 0.6351

  • Cerulean Studios Trillian 0.725

  • Cerulean Studios Trillian 0.73


References

BID - 5677

BUGTRAQ - 20020909 Trillian weakly encrypts saved passwords

XF - trillian-insecure-password-storage(10092)


Last Updated: 27 May 2016 10:37:38