Computer Security
[EN] no-pyccku

VMware vFabric tc Server weak encryption
SecurityVulns ID:11865
Threat Level:
Description:Server accepts cleartext password even if it's not allowed for user.
Affected:VMWARE : vFabric tc Server 2.0
 VMWARE : vFabric tc Server 2.1
CVE:CVE-2011-0527 (VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords.)
Original documentdocumentVMWARE, CVE-2011-0527: VMware vFabric tc Server password obfuscation bypass (17.08.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod