CVE-2005-3140

Name of the Vulnerable Software and Affected Versions Procom NetFORCE 800 version 4.02 M10 Build 20 and possibly other versions

Description The issue allows remote attackers to obtain cleartext NIS password hashes because the NIS password map (passwd.nis) is sent as a file attachment in diagnostic e-mail messages.

Recommendations For version 4.02 M10 Build 20 and possibly other versions, consider disabling the feature that sends diagnostic e-mail messages with the NIS password map as a file attachment until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.