Vulnerability Details CVE-2002-1676
BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.6%
CVSS Severity
CVSS v2 Score 2.1
References
- http://online.securityfocus.com/archive/1/252293
- http://online.securityfocus.com/archive/1/256056
- http://www.securityfocus.com/bid/3957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7992
- http://online.securityfocus.com/archive/1/252293
- http://online.securityfocus.com/archive/1/256056
- http://www.securityfocus.com/bid/3957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7992
Products affected by CVE-2002-1676
-
cpe:2.3:a:bindview:netinventory:1.0
-
cpe:2.3:a:bindview:netrc:1.0