Unrated severityNVD Advisory· Published Mar 7, 2011· Updated Apr 29, 2026
CVE-2011-0436
CVE-2011-0436
Description
The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
Affected products
35cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*+ 34 more
- cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*range: <=0.32.8
- cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*
- cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.gplhost.sg/lists/dtcannounce/msg00025.htmlnvdPatch
- secunia.com/advisories/43523nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0556nvdVendor Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvd
- openwall.com/lists/oss-security/2011/02/22/1nvd
- packages.debian.org/changelogs/pool/main/d/dtc/dtc_0.29.17-1+lenny1/changelognvd
- packages.debian.org/changelogs/pool/main/d/dtc/dtc_0.32.10-1/changelognvd
- www.debian.org/security/2011/dsa-2179nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/65898nvd
News mentions
0No linked articles in our index yet.