ReadyDesk 9.1 allows local users to determine cleartext SQL Server credentials by reading the SQL_Config.aspx file and decrypting data with a hardcoded key in the ReadyDesk.dll file.
Link | Tags |
---|---|
http://www.kb.cert.org/vuls/id/294272 | third party advisory us government resource |
http://www.securityfocus.com/bid/92487 | vdb entry |