>> M4 Project Enigma-suite Default Username and Password Vulnerability
Title : M4 Project Enigma-suite Default Username and Password Vulnerability VUPEN ID : VUPEN/ADV-2006-0787 CVE ID : CVE-2006-1009
Rated as : Moderate Risk
Remotely Exploitable : No Locally Exploitable : Yes Release Date : 2006-03-01
Technical Description
A vulnerability has been identified in M4 Project Enigma-suite, which could be exploited by local attackers to obtain elevated privileges. This flaw is due to a design error where a default Windows username and password (enigma-client/nominal) are added by the installation script, which could be exploited by malicious users to bypass security restrictions and gain privileged access to a vulnerable system.
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
