Search...

CVE-2008-3605

2008-08-12T15:41:00

ID CVE-2008-3605
Type cve
Reporter NVD
Modified 2017-08-07T21:32:01

Description

Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote attackers to conduct offline brute force attacks via unknown vectors.

JSON Vulners Source

Initial Source

{"id": "CVE-2008-3605", "bulletinFamily": "NVD", "title": "CVE-2008-3605", "description": "Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote attackers to conduct offline brute force attacks via unknown vectors.", "published": "2008-08-12T15:41:00", "modified": "2017-08-07T21:32:01", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3605", "reporter": "NVD", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/44368", "http://www.securityfocus.com/bid/30630", "http://www.mcafee.com/apps/downloads/security_updates/hotfixes.asp?region=us&segment=enterprise", "http://www.vupen.com/english/advisories/2008/2324", "http://www.securitytracker.com/id?1020648"], "cvelist": ["CVE-2008-3605"], "type": "cve", "lastseen": "2017-08-08T11:24:50", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:mcafee:encrypted_usb_manager:3.1.0.0"], "cvelist": ["CVE-2008-3605"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote attackers to conduct offline brute force attacks via unknown vectors.", "edition": 1, "enchantments": {}, "hash": "e208a7107b864b542cc0afd1c2a4a67a0409df5f6a6d6408a977085ba24e1e00", "hashmap": [{"hash": "72c7c7827ba67e096fd7ce55af3bd464", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "ae0d6c3f6a51a8e657874376a66dbc42", "key": "cvelist"}, {"hash": "3e3ac5aaa768731a72e9fb2602fae4bd", "key": "published"}, {"hash": "0859a90a062998f03ab4d4efe5f9e219", "key": "title"}, {"hash": "786422b9f904b7716c6cc6ea560bb8c7", "key": "description"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "d23dce8498b6e8b00334a595f208deab", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "17a164248a461063177c4aa5a7b558dd", "key": "cpe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "a105ea7f1f24b057814713d9939853f6", "key": "modified"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3605", "id": "CVE-2008-3605", "lastseen": "2016-09-03T10:53:53", "modified": "2011-03-07T22:11:02", "objectVersion": "1.2", "published": "2008-08-12T15:41:00", "references": ["http://xforce.iss.net/xforce/xfdb/44368", "http://www.securityfocus.com/bid/30630", "http://www.mcafee.com/apps/downloads/security_updates/hotfixes.asp?region=us&segment=enterprise", "http://www.vupen.com/english/advisories/2008/2324", "http://www.securitytracker.com/id?1020648"], "reporter": "NVD", "scanner": [], "title": "CVE-2008-3605", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T10:53:53"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "17a164248a461063177c4aa5a7b558dd"}, {"key": "cvelist", "hash": "ae0d6c3f6a51a8e657874376a66dbc42"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "786422b9f904b7716c6cc6ea560bb8c7"}, {"key": "href", "hash": "d23dce8498b6e8b00334a595f208deab"}, {"key": "modified", "hash": "74c51a6fb43269ca9755de3aa1525ce0"}, {"key": "published", "hash": "3e3ac5aaa768731a72e9fb2602fae4bd"}, {"key": "references", "hash": "b3ea7e24af0160237835dfb40f02830b"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "0859a90a062998f03ab4d4efe5f9e219"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "26b8e058b9cb45d52b4b535cbfb2ea64cc461a9b9b92d094290367b621efb025", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2017-08-08T11:24:50"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:mcafee:encrypted_usb_manager:3.1.0.0"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"openvas": [{"lastseen": "2017-07-02T21:10:10", "references": ["http://secunia.com/advisories/31433/", "http://www.mcafee.com/apps/downloads/security_updates/hotfixes.asp?region=us&segment=enterprise"], "pluginID": "900026", "description": "The host is running McAfee Encrypted USB Manager, which is prone\n to sensitive information disclosure vulnerability.", "edition": 1, "reporter": "Copyright (C) 2008 SecPod", "published": "2008-08-22T00:00:00", "title": "McAfee Encrypted USB Manager Remote Security Bypass Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Brute force attacks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3605"], "modified": "2017-02-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=900026", "id": "OPENVAS:900026", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_mcafee_encrypt_usb_mngr_sec_bypass_vuln_900026.nasl 5370 2017-02-20 15:24:26Z cfi $\n# Description: McAfee Encrypted USB Manager Remote Security Bypass Vulnerability\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2008 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n##############################################################################\n\ntag_impact = \"Remote exploitation could lead an attacker towards password\n guessing.\n Impact Level : Application\";\n\ntag_solution = \"Apply Service Pack 1,\n http://download.nai.com/products/patches/EncryptedUSB/ServicePack1-McAfeeEncryptedUSBManagerv3.zip\n OR\n Upgrade to latest McAfee Encrypted USB Manager,\n http://mcafee.com\";\n\n\ntag_summary = \"The host is running McAfee Encrypted USB Manager, which is prone\n to sensitive information disclosure vulnerability.\";\n\ntag_affected = \"McAfee Encrypted USB Manager 3.1.0.0 on Windows (All).\";\ntag_insight = \"The issue is caused when the password policy, 'Re-use Threshold' is set to\n non-zero value.\";\n\n\nif(description)\n{\n script_id(900026);\n script_version(\"$Revision: 5370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 16:24:26 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-08-22 10:29:01 +0200 (Fri, 22 Aug 2008)\");\n script_cve_id(\"CVE-2008-3605\");\n script_bugtraq_id(30630);\n script_copyright(\"Copyright (C) 2008 SecPod\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_family(\"Brute force attacks\");\n script_name(\"McAfee Encrypted USB Manager Remote Security Bypass Vulnerability\");\n\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"impact\" , value : tag_impact);\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/31433/\");\n script_xref(name : \"URL\" , value : \"http://www.mcafee.com/apps/downloads/security_updates/hotfixes.asp?region=us&segment=enterprise\");\n exit(0);\n}\n\n\n include(\"smb_nt.inc\");\n\n if(!get_kb_item(\"SMB/WindowsVersion\")){\n exit(0);\n }\n\n # Check McAfee Encrypted USB Manager Installation\n if(!registry_key_exists(key:\"SOFTWARE\\McAfee\\ACCESSEnterpriseManager\")){\n\texit(0);\n }\n\n name = kb_smb_name();\n login = kb_smb_login();\n domain = kb_smb_domain();\n pass = kb_smb_password();\n port = kb_smb_transport();\n \n soc = open_sock_tcp(port);\n if(!soc){\n exit(0); \n }\n\n r = smb_session_request(soc:soc, remote:name);\n if(!r){\n close(soc);\n exit(0);\n }\n \n prot = smb_neg_prot(soc:soc) ;\n if(!prot){\n close(soc);\n exit(0);\n }\n \n r = smb_session_setup(soc:soc, login:login, password:pass, domain:domain, prot:prot);\n if(!r)\n {\n\tclose(soc);\n exit(0);\n }\n\n uid = session_extract_uid(reply:r);\n if(!uid)\n {\n\tclose(soc);\n exit(0);\n }\n\n r = smb_tconx(soc:soc, name:name, uid:uid, share:\"IPC$\");\n if(!r)\n {\n\tclose(soc);\n exit(0);\n }\n\n tid = tconx_extract_tid(reply:r);\n if (!tid){\n close(soc);\n exit(0);\n }\n\n r = smbntcreatex(soc:soc, uid:uid, tid:tid, name:\"\\winreg\");\n if(!r){\n close(soc);\n exit(0);\n }\n\n pipe = smbntcreatex_extract_pipe(reply:r);\n if (!pipe){\n close(soc);\n exit(0);\n }\n\n r = pipe_accessible_registry(soc:soc, uid:uid, tid:tid, pipe:pipe);\n if(!r){\n close(soc);\n exit(0);\n }\n\n handle = registry_open_hklm(soc:soc, uid:uid, tid:tid, pipe:pipe);\n if(!handle){\n close(soc);\n exit(0);\n }\n\n key = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\";\n\n key_h = registry_get_key(soc:soc, uid:uid ,tid:tid ,pipe:pipe,key:key,reply:handle);\n if(!key_h)\n {\n\tclose(soc);\n exit(0);\n }\n entries = registry_enum_key(soc:soc, uid:uid, tid:tid, pipe:pipe, reply:key_h);\n close(soc);\n\n foreach entry (entries)\n {\n mcAfee = registry_get_sz(key:key + entry, item:\"DisplayName\");\n if(\"McAfee Encrypted USB Manager\" >< mcAfee)\n {\n if(egrep(pattern:\"McAfee Encrypted USB Manager 3\\.1(\\.0)?$\",\n\t\t\t string:mcAfee)){\n security_message(0);\n }\n exit(0);\n }\n }\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-24T18:21:49", "references": ["http://secunia.com/advisories/31433/", "http://www.mcafee.com/apps/downloads/security_updates/hotfixes.asp?region=us&segment=enterprise"], "pluginID": "1361412562310900026", "description": "The host is running McAfee Encrypted USB Manager, which is prone\n to sensitive information disclosure vulnerability.", "edition": 4, "reporter": "Copyright (C) 2008 SecPod", "published": "2008-08-22T00:00:00", "title": "McAfee Encrypted USB Manager Remote Security Bypass Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Brute force attacks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3605"], "modified": "2018-09-24T00:00:00", "id": "OPENVAS:1361412562310900026", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900026", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_mcafee_encrypt_usb_mngr_sec_bypass_vuln_900026.nasl 11570 2018-09-24 11:54:11Z cfischer $\n#\n# McAfee Encrypted USB Manager Remote Security Bypass Vulnerability\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2008 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n##############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900026\");\n script_version(\"$Revision: 11570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-24 13:54:11 +0200 (Mon, 24 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2008-08-22 10:29:01 +0200 (Fri, 22 Aug 2008)\");\n script_cve_id(\"CVE-2008-3605\");\n script_bugtraq_id(30630);\n script_copyright(\"Copyright (C) 2008 SecPod\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Brute force attacks\");\n script_name(\"McAfee Encrypted USB Manager Remote Security Bypass Vulnerability\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/31433/\");\n script_xref(name:\"URL\", value:\"http://www.mcafee.com/apps/downloads/security_updates/hotfixes.asp?region=us&segment=enterprise\");\n\n script_tag(name:\"affected\", value:\"McAfee Encrypted USB Manager 3.1.0.0 on Windows (All).\");\n script_tag(name:\"insight\", value:\"The issue is caused when the password policy, 'Re-use Threshold' is set to\n non-zero value.\");\n\n script_tag(name:\"summary\", value:\"The host is running McAfee Encrypted USB Manager, which is prone\n to sensitive information disclosure vulnerability.\");\n\n script_tag(name:\"solution\", value:\"Apply Service Pack 1,\n http://download.nai.com/products/patches/EncryptedUSB/ServicePack1-McAfeeEncryptedUSBManagerv3.zip\n\n OR\n\n Upgrade to latest McAfee Encrypted USB Manager,\n http://mcafee.com\");\n\n script_tag(name:\"impact\", value:\"Remote exploitation could lead an attacker towards password\n guessing.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!registry_key_exists(key:\"SOFTWARE\\McAfee\\ACCESSEnterpriseManager\")){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\";\n\nforeach entry(registry_enum_keys(key:key)) {\n\n mcAfee = registry_get_sz(key:key + entry, item:\"DisplayName\");\n\n if(mcAfee && \"McAfee Encrypted USB Manager\" >< mcAfee) {\n\n if(egrep(pattern:\"McAfee Encrypted USB Manager 3\\.1(\\.0)?$\", string:mcAfee)){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n exit(99);\n }\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}