CVE-2004-2398

Published: Dec 31, 2004Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.

Affected (1)

Products: Netenberg: Fantastico De Luxe

1 product

Fantastico De Luxe

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Netenberg Fantastico De Luxe	Version 2.8

References (6)

http://archives.neohapsis.com/archives/bugtraq/2004-05/0206.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/10390

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/16197

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2004-05/0206.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/10390

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/16197

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.