Lucene search

PRIOn knowledge basePRION:CVE-2007-0889

HistoryFeb 12, 2007 - 11:28 p.m.

Directory traversal

2007-02-1223:28:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

Kiwi CatTools before 3.2.0 beta uses weak encryption (“reversible encoding”) for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector.

References

osvdb.org/33163

secunia.com/advisories/24103

securityreason.com/securityalert/2236

www.securityfocus.com/archive/1/459500/100/0/threaded

6.8 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2007-0889