RSS   Vulnerabilities for 'Funk software proxy'   RSS

2002-04-22
 
CVE-2002-0066

 

 
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges.

 
 
CVE-2002-0065

 

 
Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.

 
 
CVE-2002-0064

 

 
Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system.

 


Copyright 2024, cxsecurity.com

 

Back to Top