Vulnerability Description
Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bindview | Netrc | 1.0 |
| Funk Software | Funk Software Proxy | 3.0 |
References
- http://razor.bindview.com/publish/advisories/adv_FunkProxy.htmlPatchVendor Advisory
- http://www.iss.net/security_center/static/8792.php
- http://www.securityfocus.com/bid/4459
- http://razor.bindview.com/publish/advisories/adv_FunkProxy.htmlPatchVendor Advisory
- http://www.iss.net/security_center/static/8792.php
- http://www.securityfocus.com/bid/4459
FAQ
What is CVE-2002-0065?
CVE-2002-0065 is a vulnerability with a CVSS score of 7.2 (HIGH). Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.
How severe is CVE-2002-0065?
CVE-2002-0065 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0065?
Check the references section above for vendor advisories and patch information. Affected products include: Bindview Netrc, Funk Software Funk Software Proxy.