CVE-2002-1676 Information

Description

BindView NetInventory 1.0 when used with NetRC 1.0 allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.

Reference

http://online.securityfocus.com/archive/1/252293 http://online.securityfocus.com/archive/1/256056 http://www.securityfocus.com/bid/3957 https://exchange.xforce.ibmcloud.com/vulnerabilities/7992