Vulnerabilities

CVE-2014-9577

by Fred · 08/01/2015

VDG Security SENSE (formerly DIVA) 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response.

Date published : 2015-01-08

http://seclists.org/fulldisclosure/2014/Dec/76

http://packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.html

Similar

Tags: Cybersecurity Alert