CVE-2004-1766 Information

Description

The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0 which allows remote attackers to obtain sensitive information via sniffing.

Reference

http://secunia.com/advisories/10675 http://www.juniper.net/support/security/alerts/58290.txt http://www.kb.cert.org/vuls/id/927630 http://www.kb.cert.org/vuls/id/CRDY-5VEU8N http://www.netscreen.com/services/security/alerts/1_19_04_58290.jsp http://www.osvdb.org/3613 http://www.securityfocus.com/bid/9455 https://exchange.xforce.ibmcloud.com/vulnerabilities/14886