MEDIUM🇵🇱 Wersja polska

CVE-2002-1955

CVSS 5.0v2.0pub. 2002-12-31upd. 2026-04-16

Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack.

CVSS Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
  • Iomega Nas

    HW
    Iomega
    a300u
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2009-2367CRITICAL9.8ten sam vendor

cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers ...

CVE-2002-1949HIGH7.5ten sam vendor

The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in clearte...

CVE-2001-0110HIGH7.2ten sam vendor

Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY e...

CVE-2012-2283MEDIUM5.5ten sam vendor

The Iomega Home Media Network Hard Drive with EMC Lifeline firmware before 2.104, Home Media Network Hard Driv...

CVE-2002-1863MEDIUM4.6ten sam vendor

Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be d...