Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2414

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-2414
Last Modified 05 Sep 2008 04:44:04
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2414

Summary

Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.

Vulnerable Systems

Operating System

  • Novell Netware 6.5


References

XF - netware-installation-file-disclosure(15600)

BID - 9934

CONFIRM - http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htm

SECUNIA - 11188


Last Updated: 27 May 2016 10:39:28