PT-2002-1154 · Funk+1 · Funk Software Proxy Host+1

Publicado

2002-04-22

Atualizado

2008-09-10

CVE-2002-0065

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Funk Software Proxy Host versions 3.x

Description The issue concerns weak encryption used for the Proxy Host password, allowing local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.

Recommendations For Funk Software Proxy Host version 3.x, consider changing the password storage mechanism to a stronger encryption method to prevent password recovery from the PHOST.INI file or the Windows registry.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0065

Produtos afetados

Funk Software Proxy Host

Windows

PT-2002-1154 · Funk+1 · Funk Software Proxy Host+1

CVE-2002-0065

Identificadores relacionados

Produtos afetados

Referências · 4