Novell Nsure Identity Manager Password Hint Plaintext Storage Weakness
BID:10134
Info
Novell Nsure Identity Manager Password Hint Plaintext Storage Weakness
| Bugtraq ID: | 10134 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 13 2004 12:00AM |
| Updated: | Apr 13 2004 12:00AM |
| Credit: | The vendor disclosed this weakness. |
| Vulnerable: |
Novell Nsure Identity Manager 2.0 |
| Not Vulnerable: | |
Discussion
Novell Nsure Identity Manager Password Hint Plaintext Storage Weakness
When Novell Identity Manager Password Policies has been installed and the universal password option has been enabled, Novell Nsure may be prone to a weakness.
The password hint may be disclosed because it is stored in plaintext format.
Information harvested in this manner may be used in further attacks that are launched against the target system.
When Novell Identity Manager Password Policies has been installed and the universal password option has been enabled, Novell Nsure may be prone to a weakness.
The password hint may be disclosed because it is stored in plaintext format.
Information harvested in this manner may be used in further attacks that are launched against the target system.
Exploit / POC
Novell Nsure Identity Manager Password Hint Plaintext Storage Weakness
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Novell Nsure Identity Manager Password Hint Plaintext Storage Weakness
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Novell Nsure Identity Manager Password Hint Plaintext Storage Weakness
References:
References: