CVE-2005-0486
Last modified
CVE-2005-0486 is a vulnerability of currently unknown severity. Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.. EPSS estimates a 1.26% chance of exploitation in the next 30 days.
Description
Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Tarantella | Secure Global Desktop | enterprise_3.42 |
| Tarantella | Secure Global Desktop | enterprise_4.0 |
| Tarantella | Tarantella Enterprise | 3.30 |
| Tarantella | Tarantella Enterprise | 3.40 |
References
- http://www.tarantella.com/security/bulletin-11.htmlPatch, Vendor Advisory, URL Repurposed
- http://www.tarantella.com/security/bulletin-11.htmlPatch, Vendor Advisory, URL Repurposed
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-0486?
How severe is CVE-2005-0486?
How do I fix CVE-2005-0486?
Are you affected by CVE-2005-0486?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST