Vulnerabilities > CVE-2007-0889 - Unspecified vulnerability in Kiwi Enterprises Kiwi Cattools
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://osvdb.org/33163
- http://osvdb.org/33163
- http://secunia.com/advisories/24103
- http://secunia.com/advisories/24103
- http://securityreason.com/securityalert/2236
- http://securityreason.com/securityalert/2236
- http://www.securityfocus.com/archive/1/459500/100/0/threaded
- http://www.securityfocus.com/archive/1/459500/100/0/threaded