Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3209

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-3209
Last Modified 05 Sep 2008 04:53:44
Published 14 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3209

Summary

Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.

Vulnerable Systems

Application

  • Aenovo

  • Aenovoshop

  • Aenovowysi


References

XF - aenovo-password-information-disclosure(22549)

MISC - http://www.kapda.ir/advisory-78.html

SECUNIA - 17117

BUGTRAQ - 20051007 Aenovo Multiple Vulnerabilities

OSVDB - 19939


Last Updated: 27 May 2016 10:40:50