Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2223

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2223
Last Modified 17 Mar 2015 09:59:05
Published 09 Aug 2011 06:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2223

Summary

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

Vulnerable Systems

Application

  • Novell Data Synchronizer 1.0.0

  • Novell Data Synchronizer 1.1.0

  • Novell Data Synchronizer 1.1.1

  • Novell Data Synchronizer 1.1.2

  • Novell Mobility Pack 1.0

  • Novell Mobility Pack 1.1

  • Novell Mobility Pack 1.1.1

  • Novell Mobility Pack 1.1.2


References

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=7009055

SECUNIA - 45527

BID - 49069


Last Updated: 27 May 2016 11:08:06