Tarantella Enterprise/Secure Global Desktop Remote Information Disclosure Vulnerability
BID:12591
Info
Tarantella Enterprise/Secure Global Desktop Remote Information Disclosure Vulnerability
| Bugtraq ID: | 12591 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 18 2005 12:00AM |
| Updated: | Feb 18 2005 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Tarantella Secure Global Desktop Enterprise Edition 4.0 Tarantella Secure Global Desktop Enterprise Edition 3.42 Tarantella Enterprise 3 3.40 Tarantella Enterprise 3 3.30 |
| Not Vulnerable: | |
Discussion
Tarantella Enterprise/Secure Global Desktop Remote Information Disclosure Vulnerability
Tarantella Enterprise 3 and Secure Global Desktop products are prone to an information disclosure vulnerability. This issue arises from a design error that may allow an attacker to gather sensitive information about a vulnerable computer. Information gathered by exploiting this vulnerability may be used to launch other attacks against a computer.
Specifically, computers running Tarantella Enterprise 3 and Secure Global Desktop products in combination with RSA SecurID and multiple users with the same username are affected.
Tarantella Enterprise 3 and Secure Global Desktop products are prone to an information disclosure vulnerability. This issue arises from a design error that may allow an attacker to gather sensitive information about a vulnerable computer. Information gathered by exploiting this vulnerability may be used to launch other attacks against a computer.
Specifically, computers running Tarantella Enterprise 3 and Secure Global Desktop products in combination with RSA SecurID and multiple users with the same username are affected.
Exploit / POC
Tarantella Enterprise/Secure Global Desktop Remote Information Disclosure Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
Tarantella Enterprise/Secure Global Desktop Remote Information Disclosure Vulnerability
Solution:
The vendor has released an advisory including information to resolve this issue. Please see the advisory in Web references for more information.
Solution:
The vendor has released an advisory including information to resolve this issue. Please see the advisory in Web references for more information.
References
Tarantella Enterprise/Secure Global Desktop Remote Information Disclosure Vulnerability
References:
References:
- Tarantella Home Page (Tarantella)
- Tarantella Security Bulletin #11 (Tarantella)