Vulnerabilities > CVE-2004-1902 - Unspecified vulnerability in Citrix Metaframe Password Manager 2.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://marc.info/?l=bugtraq&m=108127948610311&w=2
- http://secunia.com/advisories/11293
- http://securitytracker.com/id?1009659
- http://support.citrix.com/kb/entry.jspa?entryID=4062&categoryID=256
- http://www.osvdb.org/4942
- http://www.securityfocus.com/bid/10049
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15737