MEDIUM🇬🇧 English

CVE-2002-1955

CVSS 5.0v2.0pub. 2002-12-31upd. 2026-04-16

Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
  • Iomega Nas

    HW
    Iomega
    a300u
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2009-2367CRITICAL9.8ten sam vendor

cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers ...

CVE-2002-1949HIGH7.5ten sam vendor

The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in clearte...

CVE-2001-0110HIGH7.2ten sam vendor

Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY e...

CVE-2012-2283MEDIUM5.5ten sam vendor

The Iomega Home Media Network Hard Drive with EMC Lifeline firmware before 2.104, Home Media Network Hard Driv...

CVE-2002-1863MEDIUM4.6ten sam vendor

Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be d...