lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Mar 2017 17:31:26 +0530 From: Sachin Wagh <wsachin092@...il.com> To: fulldisclosure@...lists.org Subject: [FD] USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability Vulnerability Title: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability Affekted Product: USB resistance Product Homepage: https://cdac.in/index.aspx?id=cs_eps_usb_pra CVE-ID : CVE-2017-6911 Severity: Medium *Description:* USB Pratirodh is prone to sensitive information disclosure. Its Store sensitive information such as username and password hash in usb.xml file. An attacker with physical access to the system can modify the file according his own requirements that may aid in further attack. *Affected Product:* USB resistance *Credit:* *Sachin Wagh (tiger_tigerboy)* _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/