IBM Lotus Sametime Connect Client Password Disclosure

Low Nessus Plugin ID 70260


The remote Windows host has a chat client installed that is affected by an information disclosure vulnerability.


The version of IBM Lotus Sametime Connect installed on the remote Windows host is potentially affected by an information disclosure vulnerability. A flaw in the application causes client passwords to be stored in the clear on the client's memory.


Apply the patch referenced in the advisory.

See Also

Plugin Details

Severity: Low

ID: 70260

File Name: lotus_sametime_connect_swg21635218.nasl

Version: $Revision: 1.2 $

Type: local

Agent: windows

Family: Windows

Published: 2013/10/01

Modified: 2016/05/16

Dependencies: 70071

Risk Information

Risk Factor: Low


Base Score: 1.9

Temporal Score: 1.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:lotus_sametime

Required KB Items: SMB/IBM Lotus Sametime Client/Path, SMB/IBM Lotus Sametime Client/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/06/12

Vulnerability Publication Date: 2013/06/12

Reference Information

CVE: CVE-2013-0534

BID: 60536

OSVDB: 94423