Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4149

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4149
Last Modified 07 Mar 2011 09:27:46
Published 10 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4149

Summary

Lyris ListManager 8.8 through 8.9b allows remote attackers to obtain sensitive information by causing errors in TML scripts, such as via direct requests, which leaks the installation path, SQL queries, or product code in diagnostic messages.

Vulnerable Systems

Application

  • Lyris Technologies Inc Listmanager 5.0

  • Lyris Technologies Inc Listmanager 6.0

  • Lyris Technologies Inc Listmanager 7.0

  • Lyris Technologies Inc Listmanager 8.0

  • Lyris Technologies Inc Listmanager 8.8a


References

VUPEN - ADV-2005-2820

SECUNIA - 17943

MISC - http://metasploit.com/research/vulns/lyris_listmanager/

FULLDISC - 20051208 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer

BUGTRAQ - 20051209 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer


Last Updated: 27 May 2016 10:41:12