CVE-2009-2312

CVE-2009-2312

EPSS 0.3%

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html http://secunia.com/advisories/34390 https://exchange.xforce.ibmcloud.com/vulnerabilities/49338