ID CVE-2004-2414
Summary Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.
References
Vulnerable Configurations
  • cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*
    cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 11-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 9934
confirm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htm
secunia 11188
xf netware-installation-file-disclosure(15600)
Last major update 11-07-2017 - 01:31
Published 31-12-2004 - 05:00
Back to Top