Sign-up

ID

VAR-200412-0964


CVE

CVE-2004-2048


TITLE

eSeSIX Thintune Thin client device multiple security vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-200412-1170

DESCRIPTION

radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. Thintune Linux-based devices are reported prone to multiple vulnerabilities. The issues include backdoor accounts that can be accessed over the network and an information disclosure issue that can disclose user accounts and passwords. Thintune devices with firmware version 2.4.38 and prior are affected by these issues. Reportedly, Thintune devices based on Windows CE are not affected. eSeSIX Thintune is a series of thin client applications developed by eSeSIX GmbH. ICA, RDP, X11 and SSH support on custom Linux platforms. The second problem is that there is a password disclosure problem. The Keeper library is used to store all JStream configuration settings. The configuration files are stored in the /root/.keeper/ directory. By browsing the local file system or using the "getreg" command provided in the first question , can remotely read Keeper database information, resulting in access to VNC, control center and screen saver password information. The third problem is that the local ROOT SHELL can be obtained by any user by pressing <CTRL><SHIFT><ALT><DEL> and then entering the "maertsJ" password to obtain the ROOT SHELL. The fourth problem is that local users can view plaintext passwords. Thintune software supports end users to access through Phoenix Web browsers. By entering "file:///", local file system directories can be obtained, and local users can use browsers to view sensitive information. The fifth problem is that the password check is not correct. If the user sets the password to 'a', then inputting a character string starting with "automobile", "any" or "afternoon" can be successfully verified

Trust: 1.26

sources: NVD: CVE-2004-2048 // BID: 10794 // VULHUB: VHN-10476

AFFECTED PRODUCTS

vendor:esesixmodel:thintune xsscope:eqversion:2.4.38

Trust: 1.9

vendor:esesixmodel:thintune xmscope:eqversion:2.4.38

Trust: 1.9

vendor:esesixmodel:thintune sscope:eqversion:2.4.38

Trust: 1.9

vendor:esesixmodel:thintune mobilescope:eqversion:2.4.38

Trust: 1.9

vendor:esesixmodel:thintune mscope:eqversion:2.4.38

Trust: 1.9

vendor:esesixmodel:thintune lscope:eqversion:2.4.38

Trust: 1.9

vendor:esesixmodel:thintune extremescope:eqversion:2.4.38

Trust: 1.9

vendor:esesixmodel:thintune xsscope:neversion:2.4.39

Trust: 0.3

vendor:esesixmodel:thintune xmscope:neversion:2.4.39

Trust: 0.3

vendor:esesixmodel:thintune sscope:neversion:2.4.39

Trust: 0.3

vendor:esesixmodel:thintune mobilescope:neversion:2.4.39

Trust: 0.3

vendor:esesixmodel:thintune mscope:neversion:2.4.39

Trust: 0.3

vendor:esesixmodel:thintune lscope:neversion:2.4.39

Trust: 0.3

vendor:esesixmodel:thintune extremescope:neversion:2.4.39

Trust: 0.3

sources: BID: 10794 // CNNVD: CNNVD-200412-1170 // NVD: CVE-2004-2048

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-2048
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200412-1170
value: CRITICAL

Trust: 0.6

VULHUB: VHN-10476
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-2048
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10476
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10476 // CNNVD: CNNVD-200412-1170 // NVD: CVE-2004-2048

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2048

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-1170

TYPE

Unknown

Trust: 0.9

sources: BID: 10794 // CNNVD: CNNVD-200412-1170

EXTERNAL IDS

db:BIDid:10794

Trust: 2.0

db:NVDid:CVE-2004-2048

Trust: 1.7

db:OSVDBid:8246

Trust: 1.7

db:SECTRACKid:1010770

Trust: 1.7

db:SECUNIAid:12154

Trust: 1.7

db:NSFOCUSid:6752

Trust: 0.6

db:BUGTRAQid:20040724 ESESIX THINTUNE THIN CLIENT MULTIPLE VULNERABILITIES

Trust: 0.6

db:XFid:16790

Trust: 0.6

db:CNNVDid:CNNVD-200412-1170

Trust: 0.6

db:VULHUBid:VHN-10476

Trust: 0.1

sources: VULHUB: VHN-10476 // BID: 10794 // CNNVD: CNNVD-200412-1170 // NVD: CVE-2004-2048

REFERENCES

url:http://www.securityfocus.com/bid/10794

Trust: 1.7

url:http://www.osvdb.org/8246

Trust: 1.7

url:http://securitytracker.com/id?1010770

Trust: 1.7

url:http://secunia.com/advisories/12154

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16790

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=109068491801021&w=2

Trust: 1.0

url:http://xforce.iss.net/xforce/xfdb/16790

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=109068491801021&w=2

Trust: 0.6

url:http://www.nsfocus.net/vulndb/6752

Trust: 0.6

url:http://www.thintune.com/en/products/index.htm

Trust: 0.3

url:/archive/1/369833

Trust: 0.3

url:http://marc.info/?l=bugtraq&amp;m=109068491801021&amp;w=2

Trust: 0.1

sources: VULHUB: VHN-10476 // BID: 10794 // CNNVD: CNNVD-200412-1170 // NVD: CVE-2004-2048

CREDITS

Loss, Dirkā€» Dirk.Loss@it-consult.net

Trust: 0.6

sources: CNNVD: CNNVD-200412-1170

SOURCES

db:VULHUBid:VHN-10476
db:BIDid:10794
db:CNNVDid:CNNVD-200412-1170
db:NVDid:CVE-2004-2048

LAST UPDATE DATE

2024-08-14T13:51:13.381000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-10476date:2017-07-11T00:00:00
db:BIDid:10794date:2004-07-24T00:00:00
db:CNNVDid:CNNVD-200412-1170date:2005-10-20T00:00:00
db:NVDid:CVE-2004-2048date:2017-07-11T01:31:35.187

SOURCES RELEASE DATE

db:VULHUBid:VHN-10476date:2004-12-31T00:00:00
db:BIDid:10794date:2004-07-24T00:00:00
db:CNNVDid:CNNVD-200412-1170date:2004-07-24T00:00:00
db:NVDid:CVE-2004-2048date:2004-12-31T05:00:00