Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-4184 | First vendor Publication | 2010-11-05 |
Vendor | Cve | Last vendor Modification | 2017-08-17 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4184 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-310 | Cryptographic Issues |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69014 | NetSupport Manager Cleartext HTTP Header Information Disclosure NetSupport Manager contains a flaw that may lead to an unauthorized information disclosure. The HTTP protocol implementation sends HTTP headers with information stored in cleartext fields. The issue is triggered when the HTTP packets between the NetSupport Manager Gateway and Controls or clients are intercepted. This may disclose sensitive information to a remote attacker. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-11-10 | Name : The remote web server hosts an application that is affected by an information... File : netsupport_gateway_info_disclosure.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote Windows host has an application that is affected by an information... File : netsupport_manager_11_0_5.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
CERT-VN | http://www.kb.cert.org/vuls/id/465239 |
CONFIRM | http://www.netsupportsoftware.com/support/td.asp?td=634 |
XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/62984 |
Alert History
Date | Informations |
---|---|
2021-05-04 12:12:55 |
|
2021-04-22 01:13:26 |
|
2020-05-23 01:43:01 |
|
2020-05-23 00:26:53 |
|
2017-08-17 09:23:08 |
|
2014-02-17 10:58:32 |
|
2013-05-10 23:36:44 |
|