Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2048

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-2048
Last Modified 05 Sep 2008 04:43:03
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2048

Summary

radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access.

Vulnerable Systems


References

XF - thintune-password-gain-access(16790)

BID - 10794

SECUNIA - 12154

BUGTRAQ - 20040724 eSeSIX Thintune thin client multiple vulnerabilities

OSVDB - 8246

SECTRACK - 1010770


Last Updated: 27 May 2016 10:39:18