Vulnerabilities > CVE-2005-0823 - Local Credential Storage vulnerability in Thepoolclub Ipool and Isnooker

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

thepoolclub

exploit available

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores usernames and passwords in cleartext in the MyDetails.txt file, which allows local users to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Thepoolclub Thepoolclub Ipool * Thepoolclub Isnooker *	2

Exploit-Db

description	iPool <= 1.6.81 Local Password Disclosure Exploit. CVE-2005-0823. Local exploit for windows platform
id	EDB-ID:885
last seen	2016-01-31
modified	2005-03-16
published	2005-03-16
reporter	Kozan
source	https://www.exploit-db.com/download/885/
title	iPool <= 1.6.81 - Local Password Disclosure Exploit

description	iSnooker <= 1.6.8 Local Password Disclosure Exploit. CVE-2005-0823. Local exploit for windows platform
id	EDB-ID:884
last seen	2016-01-31
modified	2005-03-16
published	2005-03-16
reporter	Kozan
source	https://www.exploit-db.com/download/884/
title	iSnooker <= 1.6.8 - Local Password Disclosure Exploit

Summary

Vulnerable Configurations

Exploit-Db

References