BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bindview netrc 1.0 |
||
bindview netinventory 1.0 |