PT-2003-1331 · Absolutetelnet · Absolutetelnet

Knud Erik Højgaard

Publicado

2003-02-01

Atualizado

2016-10-18

CVE-2003-0046

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AbsoluteTelnet (affected versions not specified)

Description The issue concerns the AbsoluteTelnet SSH2 client, which fails to clear logon credentials from memory. This includes storing plaintext passwords in memory, making it possible for attackers with access to the memory to steal the SSH credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2003-0046

Produtos afetados

Absolutetelnet

PT-2003-1331 · Absolutetelnet · Absolutetelnet

CVE-2003-0046

Identificadores relacionados

Produtos afetados

Referências · 7