Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4683

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-4683
Last Modified 07 Mar 2011 09:28:47
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4683

Summary

PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are not properly managed by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh.

Vulnerable Systems

Application

  • Padl Software Migrationtools 46


References

VUPEN - ADV-2005-2427

SECUNIA - 17530

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338920

XF - migrationtools-nisldif-info-disclosure(42335)

OSVDB - 20839


Last Updated: 27 May 2016 10:41:24