Required CVE Record Information
Description
authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter.
References 6 Total
- osvdb.org: 72079 vdb-entry
- secunia.com: 44182 third-party-advisory
- securityfocus.com: 47572 vdb-entry
- http://www.packetninjas.net/storage/advisories/MediaCast-PWDump-FINAL.txt
- securityreason.com: 8245 third-party-advisory
- exchange.xforce.ibmcloud.com: mediacast-authenticateadsetup-info-disc(67082) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- osvdb.org: 72079 vdb-entryx_transferred
- secunia.com: 44182 third-party-advisoryx_transferred
- securityfocus.com: 47572 vdb-entryx_transferred
- http://www.packetninjas.net/storage/advisories/MediaCast-PWDump-FINAL.txt x_transferred
- securityreason.com: 8245 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: mediacast-authenticateadsetup-info-disc(67082) vdb-entryx_transferred