Details of VAR-200304-0127

ID

VAR-200304-0127

CVE

CVE-2002-1491

TITLE

Cisco Mac OS VPN 5000 Client Password Disclosure Vulnerability

Trust: 0.9

sources: BID: 5736 // CNNVD: CNNVD-200304-031

DESCRIPTION

The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges. The Cisco VPN 5000 Client on Mac OS saves configuration information for the default connection in the resource fork of the preferences file. Authentication credentials for the most recent login are included in the configuration. A tool such as ResEdit may be used to extract this information. Cisco Virtual Private Network (VPN) client program is a program used to securely communicate with enterprise CISCO VPN devices through the Internet. Can be used under a variety of operating systems, including MacOS X operating system. Local attackers can use this vulnerability to obtain sensitive information by viewing the configuration file. A local attacker can read password information stored in plain text by using a tool such as ResEdit. This problem exists even when the \"SaveSecrets\" option is used, or when encrypting passwords. CISCO designated this vulnerability number as: CSCdx17109

Trust: 1.26

sources: NVD: CVE-2002-1491 // BID: 5736 // VULHUB: VHN-5876

AFFECTED PRODUCTS

vendor:	cisco	model:	vpn 5000 client	scope:	eq	version:	5.2.1	Trust: 1.6
vendor:	cisco	model:	vpn 5000 client	scope:	eq	version:	5.1.2	Trust: 1.6
vendor:	cisco	model:	vpn client for mac os	scope:	eq	version:	50005.2.1	Trust: 0.3
vendor:	cisco	model:	vpn client for mac os	scope:	eq	version:	50005.1.2	Trust: 0.3
vendor:	cisco	model:	vpn client for mac os	scope:	ne	version:	50005.2.2	Trust: 0.3

sources: BID: 5736 // CNNVD: CNNVD-200304-031 // NVD: CVE-2002-1491

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-1491
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200304-031
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-5876
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-1491
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-5876
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-5876 // CNNVD: CNNVD-200304-031 // NVD: CVE-2002-1491

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1491

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200304-031

TYPE

Design Error

Trust: 0.9

sources: BID: 5736 // CNNVD: CNNVD-200304-031

EXTERNAL IDS

db:	BID	id:	5736	Trust: 2.0
db:	NVD	id:	CVE-2002-1491	Trust: 2.0
db:	OSVDB	id:	7041	Trust: 1.7
db:	CNNVD	id:	CNNVD-200304-031	Trust: 0.7
db:	XF	id:	5000	Trust: 0.6
db:	CISCO	id:	20020918 CISCO VPN 5000 CLIENT MULTIPLE VULNERABILITIES	Trust: 0.6
db:	VULHUB	id:	VHN-5876	Trust: 0.1

sources: VULHUB: VHN-5876 // BID: 5736 // CNNVD: CNNVD-200304-031 // NVD: CVE-2002-1491

REFERENCES

url:	http://www.securityfocus.com/bid/5736	Trust: 1.7
url:	http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml	Trust: 1.7
url:	http://www.osvdb.org/7041	Trust: 1.7
url:	http://www.iss.net/security_center/static/10129.php	Trust: 1.7

sources: VULHUB: VHN-5876 // CNNVD: CNNVD-200304-031 // NVD: CVE-2002-1491

CREDITS

Ofir Arkin※ ofir@stake.com

Trust: 0.6

sources: CNNVD: CNNVD-200304-031

SOURCES

db:	VULHUB	id:	VHN-5876
db:	BID	id:	5736
db:	CNNVD	id:	CNNVD-200304-031
db:	NVD	id:	CVE-2002-1491

LAST UPDATE DATE

2025-04-03T22:24:10.130000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-5876	date:	2008-09-05T00:00:00
db:	BID	id:	5736	date:	2009-07-11T17:06:00
db:	CNNVD	id:	CNNVD-200304-031	date:	2005-10-12T00:00:00
db:	NVD	id:	CVE-2002-1491	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-5876	date:	2003-04-02T00:00:00
db:	BID	id:	5736	date:	2002-09-18T00:00:00
db:	CNNVD	id:	CNNVD-200304-031	date:	2002-09-18T00:00:00
db:	NVD	id:	CVE-2002-1491	date:	2003-04-02T05:00:00