Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1672

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-1672
Last Modified 20 Apr 2011 10:33:52
Published 09 Apr 2011 10:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1672

Summary

The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.

Vulnerable Systems


References

CERT-VN - VU#598700

XF - dell-kacek2000-peinst-info-disclosure(66630)

VUPEN - ADV-2011-0883

BID - 47172

CONFIRM - http://www.kace.com/support/kb/index.php?action=artikel&cat=1&id=1104


Last Updated: 27 May 2016 10:56:24