Lucene search

[email protected]CVE-2004-1852

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1852

2005-05-1004:00:00

CWE-319

[email protected]

web.nvd.nist.gov

security

vulnerability

dameware

mini remote control

plaintext

blowfish

encryption

transmission

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.3 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.

Affected configurations

NVD

Node

solarwindsdameware_mini_remote_controlRange3.0–3.74

solarwindsdameware_mini_remote_controlRange4.0–4.2

CPENameOperatorVersion
solarwinds:dameware_mini_remote_controlsolarwinds dameware mini remote controllt3.74
solarwinds:dameware_mini_remote_controlsolarwinds dameware mini remote controllt4.2

CPE	Name	Operator	Version
solarwinds:dameware_mini_remote_control	solarwinds dameware mini remote control	lt	3.74
solarwinds:dameware_mini_remote_control	solarwinds dameware mini remote control	lt	4.2

References

marc.info/?l=bugtraq&m=108016344224973&w=2

secunia.com/advisories/11205

securitytracker.com/id?1009557

www.dameware.com/support/security/bulletin.asp?ID=SB3

www.osvdb.org/4547

www.securityfocus.com/bid/9959

exchange.xforce.ibmcloud.com/vulnerabilities/15586

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.3 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Related for CVE-2004-1852

cvelist1 nvd1