Back to search
CVE-2006-0838
Published: Feb 22, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, (2) CMSM_DBPASS, and (3) RPT_DBPASS fields in /etc/neusecure.conf, and in (4) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to gain privileges. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
netcool-neosecure-config-weak-permission(24785)
vdb-entry
x_refsource_XF
20060216 Password disclosure and remote access in Netcool/NeuSecure Security information management platform
mailing-list
x_refsource_BUGTRAQ
16698
vdb-entry
x_refsource_BID
16693
vdb-entry
x_refsource_BID
23270
vdb-entry
x_refsource_OSVDB
23271
vdb-entry
x_refsource_OSVDB
18922
third-party-advisory
x_refsource_SECUNIA
20060216 Password disclosure and remote access in Netcool/NeuSecure Security information management platform
mailing-list
x_refsource_FULLDISC
netcool-neosecure-plaintext-password(24787)
vdb-entry
x_refsource_XF
1015642
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now