Vulnerabilities > CVE-2004-2049 - Unspecified vulnerability in Esesix products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

esesix

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.

Vulnerable Configurations

Part	Description	Count
Hardware	Esesix Esesix Thintune M 2.4.38 Esesix Thintune Mobile 2.4.38 Esesix Thintune S 2.4.38 Esesix Thintune Extreme 2.4.38 Esesix Thintune L 2.4.38 Esesix Thintune XM 2.4.38 Esesix Thintune XS 2.4.38	7

References

http://marc.info/?l=bugtraq&m=109068491801021&w=2
http://marc.info/?l=bugtraq&m=109068491801021&w=2
http://secunia.com/advisories/12154
http://secunia.com/advisories/12154
http://securitytracker.com/id?1010770
http://securitytracker.com/id?1010770
http://www.osvdb.org/8247
http://www.osvdb.org/8247
http://www.securityfocus.com/bid/10794
http://www.securityfocus.com/bid/10794
https://exchange.xforce.ibmcloud.com/vulnerabilities/16795
https://exchange.xforce.ibmcloud.com/vulnerabilities/16795