PT-2011-4583 · Netsaro · Netsaro Enterprise Messenger Server

Published

2011-09-27

Updated

2012-05-21

CVE-2011-3693

CVSS v2.0

1.9

Low

Vector

AV:L/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions NetSaro Enterprise Messenger Server version 2.0

Description The issue allows local users to discover cleartext server credentials by reading the NetSaro.fdb file.

Recommendations For NetSaro Enterprise Messenger Server version 2.0, consider restricting access to the NetSaro.fdb file to prevent unauthorized users from reading the cleartext server credentials. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2011-3693

Affected Products

Netsaro Enterprise Messenger Server

PT-2011-4583 · Netsaro · Netsaro Enterprise Messenger Server

CVE-2011-3693

Weakness Enumeration

Related Identifiers

Affected Products

References · 2