Vulnerabilities > CVE-2006-1009 - Local Security vulnerability in Enigma-Suite

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

m4-project

NVD

Published: 2006-03-06

Updated: 2017-07-20

Summary

M4 Project enigma-suite before 0.73.3 (Windows) has a default password of "nominal" for the "enigma-client" account, which allows local users to gain access.

Vulnerable Configurations

Part	Description	Count
Application	M4_Project M4 Project Enigma Suite 0.70 M4 Project Enigma Suite 0.71 M4 Project Enigma Suite 0.72 M4 Project Enigma Suite 0.73 M4 Project Enigma Suite 0.73.1 M4 Project Enigma Suite 0.73.2	6

References

http://secunia.com/advisories/19077
http://www.bytereef.org/m4-project-blog.html
http://www.osvdb.org/23572
http://www.vupen.com/english/advisories/2006/0787
https://exchange.xforce.ibmcloud.com/vulnerabilities/24993