The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:27
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/33046 - | |
References | () http://secunia.com/advisories/24258 - Vendor Advisory | |
References | () http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/22648 - | |
References | () http://www.securitytracker.com/id?1017683 - | |
References | () http://www.securitytracker.com/id?1017684 - | |
References | () http://www.vupen.com/english/advisories/2007/0690 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/32626 - |
Information
Published : 2007-02-22 01:28
Updated : 2024-11-21 00:27
NVD link : CVE-2007-1068
Mitre link : CVE-2007-1068
CVE.ORG link : CVE-2007-1068
JSON object : View
Products Affected
meetinghouse
- aegis_secureconnect_client
cisco
- secure_services_client
- security_agent
- trust_agent
CWE
CWE-255
Credentials Management Errors