CVE-2002-1676

Name of the Vulnerable Software and Affected Versions BindView NetInventory version 1.0

Description The issue allows local users to read sensitive information, such as passwords, by manipulating the HOSTCFG. NI file and forcing an audit. This process rewrites the HOSTCFG. NI to HOSTCFG.INI, storing the passwords in cleartext until the audit is complete.

Recommendations For BindView NetInventory version 1.0, consider restricting access to the HOSTCFG. NI file and avoid forcing audits unless necessary, to minimize the risk of password exposure. Additionally, monitor the system for any unauthorized access or modifications to the HOSTCFG. NI file.