PT-2003-1331 · Absolutetelnet · Absolutetelnet

Knud Erik Højgaard

Published

2003-02-01

Updated

2016-10-18

CVE-2003-0046

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AbsoluteTelnet (affected versions not specified)

Description The issue concerns the AbsoluteTelnet SSH2 client, which fails to clear logon credentials from memory. This includes storing plaintext passwords in memory, making it possible for attackers with access to the memory to steal the SSH credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0046

Affected Products

Absolutetelnet

PT-2003-1331 · Absolutetelnet · Absolutetelnet

CVE-2003-0046

Related Identifiers

Affected Products

References · 7