Vulnerability Description
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Netware | 6.5 |
References
- http://secunia.com/advisories/11188PatchVendor Advisory
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htmPatchVendor Advisory
- http://www.securityfocus.com/bid/9934Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15600
- http://secunia.com/advisories/11188PatchVendor Advisory
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htmPatchVendor Advisory
- http://www.securityfocus.com/bid/9934Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15600
FAQ
What is CVE-2004-2414?
CVE-2004-2414 is a vulnerability with a CVSS score of 2.1 (LOW). Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2)...
How severe is CVE-2004-2414?
CVE-2004-2414 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2414?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Netware.