CVE-2004-2398
First published: Fri Dec 31 2004(Updated: )
Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netenberg Fantastico De Luxe | =2.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/netenberg
- canonical/netenberg fantastico de luxe
- version/netenberg fantastico de luxe/2.8