{"vuid":"VU#245707","idnumber":"245707","name":"Nevrona Designs MiraMail stores all configuration and user account information in unencrypted text file","keywords":["Nevrona Designs MiraMail","configuration information","account information","username","password","plaintext","unencrypted"],"overview":"Some versions of MiraMail store username and passwords in a text file without using encryption.","clean_desc":"MiraMail is a news server for Windows-based hosts. Versions of MiraMail up to and including 1.04 store MiraMail user data, including usernames and passwords, in unencrypted plaintext stored in a '.ini' file.","impact":"Any user with access to the .ini file can learn all usernames and passwords used by MiraMail.","resolution":"The CERT/CC is currently unaware of a practical solution to this problem.","workarounds":"None.","sysaffected":"","thanks":"Thanks to Chris Lathem for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["http://www.nevrona.com/miramail","http://www.securityfocus.com/bid/3843"],"cveids":["CVE-2002-0110"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-01-10T17:30:03Z","publicdate":"2002-01-10T00:00:00Z","datefirstpublished":"2002-08-07T15:40:08Z","dateupdated":"2002-08-07T16:00:01Z","revision":6,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"3","cam_impact":"4","cam_easeofexploitation":"20","cam_attackeraccessrequired":"10","cam_scorecurrent":"0.81","cam_scorecurrentwidelyknown":"1.035","cam_scorecurrentwidelyknownexploited":"1.935","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.81,"vulnote":null}