CVE-2018-17944
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-17944
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are not automatically deleted upon that type of hostname change.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Lexmark产品信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
多款Lexmark产品中存在信息泄露漏洞,该漏洞源于在主机名称更改时,程序没有自动删除所存储的凭证。远程攻击者可通过更改服务器的主机名称利用该漏洞获取LDAP或SMTP凭证。以下产品受到影响:Lexmark CX725h;Lexmark CX820;Lexmark CX825;Lexmark CX860;Lexmark XC4150;Lexmark XC6152;Lexmark XC8155;Lexmark XC8160。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-17944
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-17944
请登录查看更多情报信息。
- http://support.lexmark.com/index?page=content&id=TE909x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-17944
Same Patch Batch · n/a · 2019-03-12 · 16 CVEs total
| CVE-2019-9729 | Shanda MapleStory Online 缓冲区错误漏洞 | |
| CVE-2019-9558 | Mailtraq WebMail 跨站脚本漏洞 | |
| CVE-2019-9725 | Korenix JetPort 5601和5601f 跨站脚本漏洞 | |
| CVE-2019-9557 | Code Crafters Software Ability Mail Server 跨站脚本漏洞 | |
| CVE-2019-9711 | Joomla! 跨站脚本漏洞 | |
| CVE-2019-9712 | Joomla! 跨站脚本漏洞 | |
| CVE-2019-9713 | Joomla! 访问控制错误漏洞 | |
| CVE-2019-9714 | Joomla! 跨站脚本漏洞 | |
| CVE-2019-9644 | Jupyter Notebook 跨站脚本漏洞 | |
| CVE-2019-9718 | FFmpeg 缓冲区错误漏洞 | |
| CVE-2019-9721 | FFmpeg 缓冲区错误漏洞 | |
| CVE-2019-9710 | webargs 竞争条件漏洞 | |
| CVE-2019-9704 | Vixie Cron 输入验证错误漏洞 | |
| CVE-2019-9705 | Vixie Cron 资源管理错误漏洞 | |
| CVE-2019-9706 | Vixie Cron 资源管理错误漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2018-17944
No comments yet