This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote deployment appliance has an information disclosure
The remote Dell KACE K2000 appliance has an information disclosure
vulnerability. A hidden, read-only share named 'peinst' is used to
facilitate Windows deployments. This share is populated with pre- and
post-installation tasks, as well as deployment bootfiles and media
used for Windows network installs. This share allows anonymous access.
A remote, unauthenticated attacker could connect to this share,
allowing them to access sensitive data used during deployments (e.g.
local and/or domain administrator credentials).
See also :
Upgrade to K2000 3.4 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.8
Public Exploit Available : true
Nessus Plugin ID: 53493 ()
Bugtraq ID: 47172
CVE ID: CVE-2011-1672
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.