Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0406

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-0406
Last Modified 05 Sep 2008 04:34:14
Published 30 Jun 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0406

Summary

PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges.

Vulnerable Systems

Application

  • Palmvnc 1.40


References

BID - 7696

XF - palmvnc-plaintext-passwords(12083)

BUGTRAQ - 20030526 PalmVNC 1.40 Insecure Records


Last Updated: 27 May 2016 10:37:54