CVE-2011-1672

Currently unrated

Key Information:

Vendor: Dell
Status: Kace K2000 Systems Deployment Appliance
Vendor: CVE Published:; 10 April 2011

Summary

The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.

References

http://www.securityfocus.com/bid/47172

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/598700

third-party-advisoryx_refsource_CERT-VN

http://www.vupen.com/english/advisories/2011/0883

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 10, 2011
Vulnerability Reserved
Apr 9, 2011