Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/02/2003 Updated: 18/10/2016

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and previous versions, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.

Vulnerable Product	Search on Vulmon	Subscribe to Product
van dyke technologies securecrt 3.4.7
van dyke technologies securecrt 4.0.2
van dyke technologies securefx 2.0.4
van dyke technologies securefx 2.1.2
van dyke technologies entunnel

NVD-CWE-Other http://www.idefense.com/advisory/01.28.03.txt http://www.securityfocus.com/bid/6726 http://www.securityfocus.com/bid/6727 http://www.securityfocus.com/bid/6728 http://www.securitytracker.com/id?1006010 http://www.securitytracker.com/id?1006011 http://www.securitytracker.com/id?1006012 http://marc.info/?l=bugtraq&m=104386492422014&w=2 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0047

Vulnerability Summary

References

Vulmon Search

About

Products

Connect