Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5326

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2008-5326
Last Modified 05 Dec 2008 12:00:00
Published 04 Dec 2008 07:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5326

Summary

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.

Vulnerable Systems

Application

  • Ibm Rational Clearquest 7.0.0.0

  • Ibm Rational Clearquest 7.0.0.1

  • Ibm Rational Clearquest 7.0.0.2

  • Ibm Rational Clearquest 7.0.0.3

  • Ibm Rational Clearquest 7.0.1

  • Ibm Rational Clearquest 7.0.1.1

  • Ibm Rational Clearquest 7.0.1.2


References

AIXAPAR - PK30938

XF - clearquest-editboxes-info-disclosure(46994)

BID - 32577

SECUNIA - 32847


Last Updated: 27 May 2016 10:48:46