Vulnerabilities > CVE-2002-0235 - Unspecified vulnerability in Castelle Faxpress 6.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

castelle

NVD

Published: 2002-05-29

Updated: 2008-09-05

Summary

Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event.

Vulnerable Configurations

Part	Description	Count
Application	Castelle Castelle Faxpress 6.3	1

References

http://online.securityfocus.com/archive/1/254168
http://www.iss.net/security_center/static/8086.php
http://www.securityfocus.com/bid/4030