PT-1999-1877 · Wvdial · Wvdial

Published

1999-12-14

Updated

2008-09-10

CVE-2000-0361

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions wvdial versions 1.4 and earlier

Description The issue concerns the PPP wvdial.lxdialog script in wvdial, which creates a .config file with world-readable permissions. This allows a local attacker in the dialout group to access login and password information.

Recommendations For wvdial versions 1.4 and earlier, consider restricting access to the .config file created by the wvdial.lxdialog script to prevent unauthorized access to login and password information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0361

Affected Products

Wvdial

PT-1999-1877 · Wvdial · Wvdial

CVE-2000-0361

Related Identifiers

Affected Products

References · 2