Bugtraq mailing list archives

CVE-2017-6911: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability

From: wsachin092 () gmail com
Date: Thu, 16 Mar 2017 10:35:59 GMT

Vulnerability Title: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability
Affected Product: USB Pratirodh
Product Homepage: https://cdac.in/index.aspx?id=cs_eps_usb_pra
CVE-ID : CVE-2017-6911
Severity: Medium

Description:

USB Pratirodh is prone to sensitive information disclosure. Its Store sensitive information such as username and 
password hash in usb.xml file. An attacker with physical access to the system can modify the file according his own 
requirements that may aid in further attack.

Affected Product:
 
USB Pratirodh

Credit:

Sachin Wagh (tiger_tigerboy)

Current thread:

CVE-2017-6911: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability wsachin092 (Mar 16)