Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event.
References
Link | Resource |
---|---|
http://online.securityfocus.com/archive/1/254168 | Patch Vendor Advisory |
http://www.iss.net/security_center/static/8086.php | Vendor Advisory |
http://www.securityfocus.com/bid/4030 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-05-03T04:00:00
Updated: 2002-05-09T09:00:00
Reserved: 2002-05-01T00:00:00
Link: CVE-2002-0235
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-05-29T04:00:00.000
Modified: 2008-09-05T20:27:30.777
Link: CVE-2002-0235
JSON object: View
Redhat Information
No data.
CWE