CVE-2005-4145

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/12/2005
Last modified:
03/04/2025

Description

The MSDE version of Lyris ListManager 5.0 through 8.9b configures the sa account in the database to use a password with a small search space ("lyris" and up to 5 digits, possibly from the process ID), which allows remote attackers to gain access via a brute force attack.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:lyris_technologies_inc:listmanager:5.0:*:*:*:*:*:*:*
cpe:2.3:a:lyris_technologies_inc:listmanager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:lyris_technologies_inc:listmanager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:lyris_technologies_inc:listmanager:8.0:*:*:*:*:*:*:*
cpe:2.3:a:lyris_technologies_inc:listmanager:8.8a:*:*:*:*:*:*:*