CVE-2004-2398
N/A
N/A
Summary
Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16197
- http://archives.neohapsis.com/archives/bugtraq/2004-05/0206.html
- http://www.securityfocus.com/bid/10390
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16197
- http://archives.neohapsis.com/archives/bugtraq/2004-05/0206.html
- http://www.securityfocus.com/bid/10390
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.