CVE-2011-3198

EUVD-2011-3162
Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local users to read the password by listing the process and its arguments.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
gplhostdomain_technologie_control
𝑥
≤ 0.32.11
gplhostdomain_technologie_control
0.24.6
gplhostdomain_technologie_control
0.25.1
gplhostdomain_technologie_control
0.25.2
gplhostdomain_technologie_control
0.25.3
gplhostdomain_technologie_control
0.26.7
gplhostdomain_technologie_control
0.26.8
gplhostdomain_technologie_control
0.26.9
gplhostdomain_technologie_control
0.27.3
gplhostdomain_technologie_control
0.28.2
gplhostdomain_technologie_control
0.28.3
gplhostdomain_technologie_control
0.28.4
gplhostdomain_technologie_control
0.28.6
gplhostdomain_technologie_control
0.28.9
gplhostdomain_technologie_control
0.28.10
gplhostdomain_technologie_control
0.29.1
gplhostdomain_technologie_control
0.29.6
gplhostdomain_technologie_control
0.29.8
gplhostdomain_technologie_control
0.29.10
gplhostdomain_technologie_control
0.29.14
gplhostdomain_technologie_control
0.29.15
gplhostdomain_technologie_control
0.29.16
gplhostdomain_technologie_control
0.29.17
gplhostdomain_technologie_control
0.30.6
gplhostdomain_technologie_control
0.30.8
gplhostdomain_technologie_control
0.30.10
gplhostdomain_technologie_control
0.30.18
gplhostdomain_technologie_control
0.30.20
gplhostdomain_technologie_control
0.32.1
gplhostdomain_technologie_control
0.32.2
gplhostdomain_technologie_control
0.32.3
gplhostdomain_technologie_control
0.32.4
gplhostdomain_technologie_control
0.32.5
gplhostdomain_technologie_control
0.32.6
gplhostdomain_technologie_control
0.32.7
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dtc
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
Common Weakness Enumeration
References
http://git.gplhost.com/gitweb/?p=dtc.git%3Ba=blob%3Bf=debian/changelog%3Bhb=3eb6ef5cea6c571aae5e49e1930de778eca280c3
http://www.debian.org/security/2011/dsa-2365
http://www.openwall.com/lists/oss-security/2011/08/13/1
http://www.openwall.com/lists/oss-security/2011/08/24/10
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637537
http://git.gplhost.com/gitweb/?p=dtc.git%3Ba=blob%3Bf=debian/changelog%3Bhb=3eb6ef5cea6c571aae5e49e1930de778eca280c3
http://www.debian.org/security/2011/dsa-2365
http://www.openwall.com/lists/oss-security/2011/08/13/1
http://www.openwall.com/lists/oss-security/2011/08/24/10
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637537