CVE-2009-2358 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2009-2358

CWE

https://cwe.mitre.org/data/definitions/255.html

TekRADIUS 3.0 uses BUILTINUsers:R permissions for the TekRADIUS.ini file, which allows local users to obtain obfuscated database credentials by reading this file.

Affected Software

Name	Vendor	Start Version	End Version
Tekradius	Yasinkaplan	3.0 (including)	3.0 (including)

References

http://www.nth-dimension.org.uk/utils/get.php?downloadsid=56
http://www.securityfocus.com/archive/1/504740/100/0/threaded
http://www.vupen.com/english/advisories/2009/1816
http://www.nth-dimension.org.uk/utils/get.php?downloadsid=56
http://www.securityfocus.com/archive/1/504740/100/0/threaded
http://www.vupen.com/english/advisories/2009/1816