Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1745

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-1745
Last Modified 09 Jun 2009 01:34:34
Published 21 May 2009 11:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1745

Summary

Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access.

Vulnerable Systems

Application

  • Armorlogic Profense Web Application Firewall 2.2.21

  • Armorlogic Profense Web Application Firewall 2.4


References

XF - profense-default-password(50852)

BUGTRAQ - 20090520 Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities.


Last Updated: 27 May 2016 10:50:40