Vulnerability Details CVE-2003-0046
AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.6%
CVSS Severity
CVSS v2 Score 4.6
References
- http://marc.info/?l=bugtraq&m=104386492422014&w=2
- http://www.celestialsoftware.net/telnet/beta_software.html
- http://www.idefense.com/advisory/01.28.03.txt
- http://www.osvdb.org/7686
- http://www.securityfocus.com/bid/6725
- http://www.securitytracker.com/id?1006013
- http://marc.info/?l=bugtraq&m=104386492422014&w=2
- http://www.celestialsoftware.net/telnet/beta_software.html
- http://www.idefense.com/advisory/01.28.03.txt
- http://www.osvdb.org/7686
- http://www.securityfocus.com/bid/6725
- http://www.securitytracker.com/id?1006013
Products affected by CVE-2003-0046
-
cpe:2.3:a:celestial_software:absolutetelnet:2.11