Lucene search

[email protected]CVE-2005-4777

HistoryApr 13, 2006 - 10:00 a.m.

CVE-2005-4777

2006-04-1310:00:00

[email protected]

web.nvd.nist.gov

tashcom aspedit

cve-2005-4777

password storage

registry

security vulnerability

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Tashcom ASPEdit 2.9 stores the administration password (aka the FTP password) in cleartext in the registry, which might allow local users to view the password.

Affected configurations

NVD

Node

tashcomaspeditMatch2.9

CPENameOperatorVersion
tashcom:aspedittashcom aspediteq2.9

CPE	Name	Operator	Version
tashcom:aspedit	tashcom aspedit	eq	2.9

References

k.domaindlx.com/shellcore/advisories.asp?bug_report=display&infamous_group=94

securityreason.com/securityalert/37

securitytracker.com/id?1014989

www.osvdb.org/19744

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-4777

cvelist1 nvd1