Sambar Cleartext Password Remote Disclosure

low Nessus Network Monitor Plugin ID 1547

Synopsis

The remote Sambar server does not run on top of SSL, therefore passwords are transmitted in cleartext over HTTP.

Description

The remote Sambar server does not run on top of SSL, therefore passwords are transmitted in cleartext over HTTP. An attacker who can sniff network traffic may use this flaw to gain access on the web interface of this host.

Solution

No solution is known at this time.

Plugin Details

Severity: Low

ID: 1547

Family: Web Servers

Published: 8/18/2004

Updated: 1/15/2016

Nessus ID: 11585

Vulnerability Information

CPE: cpe:/a:sambar:sambar_server