2 matches found
CVE-2006-6617
projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Password tags of the response...
CVE-2006-6617
CVE-2006-6617 affects Microsoft Project Server 2003. The vulnerability lies in projectserver/logon/pdsrequest.asp where a GetInitializationData response can expose the UserName and Password fields, allowing remote authenticated users to obtain the MSProjectUser password for the SQL database. The ...