Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack.
oryginał ENCVSS Vector
AV:N/AC:L/Au:N/C:N/I:P/A:NIomega Nas
HWIomegaa300u
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2009-2367CRITICAL9.8ten sam vendor
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers ...
CVE-2002-1949HIGH7.5ten sam vendor
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in clearte...
CVE-2001-0110HIGH7.2ten sam vendor
Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY e...
CVE-2012-2283MEDIUM5.5ten sam vendor
The Iomega Home Media Network Hard Drive with EMC Lifeline firmware before 2.104, Home Media Network Hard Driv...
CVE-2002-1863MEDIUM4.6ten sam vendor
Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be d...