Netrc
by Bindview
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2002-1676 | 0.00 | — | 0.00 | Dec 31, 2002 | BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete. | ||
| CVE-2002-0064 | 0.00 | — | 0.00 | Apr 22, 2002 | Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system. | ||
| CVE-2002-0065 | 0.00 | — | 0.00 | Apr 22, 2002 | Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry. | ||
| CVE-2002-0066 | 0.00 | — | 0.02 | Apr 22, 2002 | Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges. |
- CVE-2002-1676Dec 31, 2002risk 0.00cvss —epss 0.00
BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
- CVE-2002-0064Apr 22, 2002risk 0.00cvss —epss 0.00
Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system.
- CVE-2002-0065Apr 22, 2002risk 0.00cvss —epss 0.00
Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.
- CVE-2002-0066Apr 22, 2002risk 0.00cvss —epss 0.02
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges.