CVE-2008-1970

Published Apr 27, 2008

Last updated 8 years ago

CVSS info 2.1

Overview

Description: muCommander before 0.8.2 stores credentials.xml with insecure permissions, which allows local users to obtain credentials.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91B3E7B3-80BA-440D-A2B2-77C852E0AC02",
            "versionEndIncluding": "0.8"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD654FFB-44FF-4EC3-875C-2F414C839EFA"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B746704F-D025-4ED1-8AF5-AF56B91CD892"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5314C4AE-B5B9-4DDD-ABDB-19819CCD3100"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB7E9160-A4BA-4E7D-A077-FA0AE0D35CAB"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D3EA0A4-C79A-419F-A9AA-9AA10B51BB22"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E321EB09-7B65-4C38-AA65-BDEA4A9A9C96"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "023CF501-ADA4-4EAF-A7C7-65CA70FEF99C"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.8:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE7F03C7-BE88-434F-8F97-59E26C8C73CB"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.8:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE872B53-F079-4BD9-8012-16781D98CCEE"
          },
          {
            "criteria": "cpe:2.3:a:mucommander:mucommander:0.8:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0AE5402-B11C-417D-AF77-32D4E7D3C103"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References