Vulnerability Name:

CCN-2362

Published: 1999-07-02
Updated: 1999-07-02
Summary: When Routing and Remote Access Service (RRAS) is installed and Dial-Up Networking client software is used to connect to a server, a dialog box requests the user's User ID and password for the server. In the same dialog box is the Save Password check box, which is intended to provide the user with the option to cache their security credentials if desired. However, the implemented client functionality actually caches the user's credentials regardless of whether the check box is selected or not.

In general, caching security credentials on a computer is not a good security practice. Cache files can easily be decrypted, and users with access to the computer can use the cached credentials to reach systems they are not authorized for, without authenticating.
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Consequences: Gain Access
References:
Source: CCN
Type: Microsoft FTP site
rraspassword-fix

Source: CCN
Type: BID-232
NT RAS Dial-up Networking "Save Password" Vulnerability

Source: XF
Type: UNKNOWN
nt-rras-dun-cache(2362)

Source: CCN
Type: Microsoft Knowledge Base Article 233303
DUN Credentials Cached When Save Password Not Selected with RRAS

Vulnerable Configuration: Configuration CCN 1:
  • cpe:/o:microsoft:windows_nt:3.5.1:sp4:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    microsoft windows nt 3.5.1 sp4