Search
Find a vulnerability
Search criteria
2 vulnerabilities found for entunnel by van_dyke_technologies
CVE-2003-0047 (GCVE-0-2003-0047)
Vulnerability from nvd – Published: 2003-02-01 05:00 – Updated: 2024-08-08 01:43
VLAI
Summary
SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=104386492422014&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/6727 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/6728 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1006011 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1006010 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1006012 | vdb-entryx_refsource_SECTRACK |
| http://www.idefense.com/advisory/01.28.03.txt | x_refsource_MISC |
| http://www.securityfocus.com/bid/6726 | vdb-entryx_refsource_BID |
Date Public
2003-01-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104386492422014\u0026w=2"
},
{
"name": "6727",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6727"
},
{
"name": "6728",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6728"
},
{
"name": "1006011",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006011"
},
{
"name": "1006010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006010"
},
{
"name": "1006012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006012"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/01.28.03.txt"
},
{
"name": "6726",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6726"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104386492422014\u0026w=2"
},
{
"name": "6727",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6727"
},
{
"name": "6728",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6728"
},
{
"name": "1006011",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006011"
},
{
"name": "1006010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006010"
},
{
"name": "1006012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006012"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/01.28.03.txt"
},
{
"name": "6726",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6726"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104386492422014\u0026w=2"
},
{
"name": "6727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6727"
},
{
"name": "6728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6728"
},
{
"name": "1006011",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006011"
},
{
"name": "1006010",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006010"
},
{
"name": "1006012",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006012"
},
{
"name": "http://www.idefense.com/advisory/01.28.03.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/01.28.03.txt"
},
{
"name": "6726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6726"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0047",
"datePublished": "2003-02-01T05:00:00.000Z",
"dateReserved": "2003-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:43:35.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0047 (GCVE-0-2003-0047)
Vulnerability from cvelistv5 – Published: 2003-02-01 05:00 – Updated: 2024-08-08 01:43
VLAI
Summary
SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=104386492422014&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/6727 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/6728 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1006011 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1006010 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1006012 | vdb-entryx_refsource_SECTRACK |
| http://www.idefense.com/advisory/01.28.03.txt | x_refsource_MISC |
| http://www.securityfocus.com/bid/6726 | vdb-entryx_refsource_BID |
Date Public
2003-01-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104386492422014\u0026w=2"
},
{
"name": "6727",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6727"
},
{
"name": "6728",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6728"
},
{
"name": "1006011",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006011"
},
{
"name": "1006010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006010"
},
{
"name": "1006012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006012"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/01.28.03.txt"
},
{
"name": "6726",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6726"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104386492422014\u0026w=2"
},
{
"name": "6727",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6727"
},
{
"name": "6728",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6728"
},
{
"name": "1006011",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006011"
},
{
"name": "1006010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006010"
},
{
"name": "1006012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006012"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/01.28.03.txt"
},
{
"name": "6726",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6726"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104386492422014\u0026w=2"
},
{
"name": "6727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6727"
},
{
"name": "6728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6728"
},
{
"name": "1006011",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006011"
},
{
"name": "1006010",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006010"
},
{
"name": "1006012",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006012"
},
{
"name": "http://www.idefense.com/advisory/01.28.03.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/01.28.03.txt"
},
{
"name": "6726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6726"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0047",
"datePublished": "2003-02-01T05:00:00.000Z",
"dateReserved": "2003-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:43:35.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}