Comvigo IM Lock 2006 Insecure Password Storage Vulnerability
BID:16988
Info
Comvigo IM Lock 2006 Insecure Password Storage Vulnerability
| Bugtraq ID: | 16988 |
| Class: | Configuration Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 06 2006 12:00AM |
| Updated: | Mar 09 2006 09:50AM |
| Credit: | fRoGGz is credited with the discovery of this issue. |
| Vulnerable: |
Comvigo IM Lock 2006 0 |
| Not Vulnerable: | |
Discussion
Comvigo IM Lock 2006 Insecure Password Storage Vulnerability
A local insecure-password-storage vulnerability affects Comvigo IM Lock 2006. The application fails to store passwords with secure permissions by default.
A local attacker may leverage this issue to gain access to the administrative password for the vulnerable application. Attackers may then use this to bypass the security measures enforced by the application.
A local insecure-password-storage vulnerability affects Comvigo IM Lock 2006. The application fails to store passwords with secure permissions by default.
A local attacker may leverage this issue to gain access to the administrative password for the vulnerable application. Attackers may then use this to bypass the security measures enforced by the application.
Exploit / POC
Comvigo IM Lock 2006 Insecure Password Storage Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
Comvigo IM Lock 2006 Insecure Password Storage Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Comvigo IM Lock 2006 Insecure Password Storage Vulnerability
References:
References: