Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1164

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1164
Last Modified 05 Sep 2008 05:01:12
Published 12 Mar 2006 04:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1164

Summary

Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat.

Vulnerable Systems

Application

  • Nodez 4.6.1.1


References

MISC - http://hamid.ir/security/nodez.txt

BID - 17066

OSVDB - 23775


Last Updated: 27 May 2016 10:41:57