VDG Security SENSE (formerly DIVA) 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:20:38
Updated: 2022-10-03T16:20:38
Reserved: 2022-10-03T00:00:00
Link: CVE-2014-9577
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-01-08T15:59:02.610
Modified: 2015-01-08T19:50:15.517
Link: CVE-2014-9577
JSON object: View
Redhat Information
No data.
CWE