CVE-2002-1676
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2002
Last modified:
03/04/2025
Description
BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
Impact
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:bindview:netinventory:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:bindview:netrc:1.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://online.securityfocus.com/archive/1/252293
- http://online.securityfocus.com/archive/1/256056
- http://www.securityfocus.com/bid/3957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7992
- http://online.securityfocus.com/archive/1/252293
- http://online.securityfocus.com/archive/1/256056
- http://www.securityfocus.com/bid/3957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7992