VYPR
Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026

CVE-2004-2398

CVE-2004-2398

Description

Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.

Affected products

2
  • cpe:2.3:a:netenberg:fantastico_de_luxe:2.8:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:netenberg:fantastico_de_luxe:2.8:*:*:*:*:*:*:*
    • (no CPE)range: =2.8

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.