Computer Associates Unicenter Common Services明文密码漏洞

漏洞信息详情

Computer Associates Unicenter Common Services明文密码漏洞

• CNNVD编号：CNNVD-200412-178
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2004-2436
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2004-12-31
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  ca
• 漏洞来源：
  Computer Associates

Computer Associates Unicenter Common Services 3.0版本及之前版本在TndAddNspTmp.bat文件中的明文中储存数据库\”SA\” 密码，本地用户可以提升特权。

It is reported that the vendor has released a patch ‘QO58447’ and post-installation steps to address this vulnerability. This information is only available to customers that have a valid support account:
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO58447&os=NT&returninput=0

来源: XF
名称: unicenter-tndaddnsptmp-information-disclosure(17562)
链接:http://xforce.iss.net/xforce/xfdb/17562

来源: BID
名称: 11277
链接:http://www.securityfocus.com/bid/11277

来源: SECTRACK
名称: 1011468
链接:http://securitytracker.com/id?1011468

来源: SECUNIA
名称: 12639
链接:http://secunia.com/advisories/12639/

来源: OSVDB
名称: 10408
链接:http://osvdb.org/displayvuln.php?osvdb_id=10408