Lucene search

[email protected]CVE-2005-4506

HistoryDec 23, 2005 - 12:03 a.m.

CVE-2005-4506

2005-12-2300:03:00

[email protected]

web.nvd.nist.gov

cve-2005-4506

nexus concepts

dev hound

privilege escalation

username

password

cleartext

local users

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges.

Affected configurations

NVD

Node

nexus_conceptsdev_houndMatch1.50

nexus_conceptsdev_houndMatch1.51

nexus_conceptsdev_houndMatch1.52

nexus_conceptsdev_houndMatch1.60

nexus_conceptsdev_houndMatch1.61

nexus_conceptsdev_houndMatch1.70

nexus_conceptsdev_houndMatch1.80

nexus_conceptsdev_houndMatch1.81

nexus_conceptsdev_houndMatch2.0

nexus_conceptsdev_houndMatch2.01

nexus_conceptsdev_houndMatch2.02

nexus_conceptsdev_houndMatch2.03

nexus_conceptsdev_houndMatch2.04

nexus_conceptsdev_houndMatch2.10

nexus_conceptsdev_houndMatch2.11

nexus_conceptsdev_houndMatch2.12

nexus_conceptsdev_houndMatch2.13

nexus_conceptsdev_houndMatch2.20

nexus_conceptsdev_houndMatch2.21

nexus_conceptsdev_houndMatch2.22

nexus_conceptsdev_houndMatch2.23

nexus_conceptsdev_houndMatch2.24

CPENameOperatorVersion
nexus_concepts:dev_houndnexus concepts dev houndeq1.50
nexus_concepts:dev_houndnexus concepts dev houndeq1.51
nexus_concepts:dev_houndnexus concepts dev houndeq1.52
nexus_concepts:dev_houndnexus concepts dev houndeq1.60
nexus_concepts:dev_houndnexus concepts dev houndeq1.61
nexus_concepts:dev_houndnexus concepts dev houndeq1.70
nexus_concepts:dev_houndnexus concepts dev houndeq1.80
nexus_concepts:dev_houndnexus concepts dev houndeq1.81
nexus_concepts:dev_houndnexus concepts dev houndeq2.0
nexus_concepts:dev_houndnexus concepts dev houndeq2.01

CPE	Name	Operator	Version
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.50
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.51
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.52
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.60
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.61
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.70
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.80
nexus_concepts:dev_hound	nexus concepts dev hound	eq	1.81
nexus_concepts:dev_hound	nexus concepts dev hound	eq	2.0
nexus_concepts:dev_hound	nexus concepts dev hound	eq	2.01

Rows per page:

1-10 of 221

References

secunia.com/advisories/18164

www.exploitlabs.com/files/advisories/EXPL-A-2005-017-devhound.txt

www.securityfocus.com/bid/16042

www.vupen.com/english/advisories/2005/3047

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-4506

nvd1 cvelist1