Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1829

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-1829
Last Modified 07 Mar 2011 09:34:22
Published 19 Apr 2006 12:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-1829

Summary

EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom connection profiles.

Vulnerable Systems

Application

  • Sybase Easerver 5.2

  • Sybase Easerver 5.3


References

VUPEN - ADV-2006-1344

CONFIRM - http://www.sybase.com/detail?id=1040117

BID - 17508

SECTRACK - 1015913

SECUNIA - 19605

XF - easerver-password-disclosure(25777)


Last Updated: 27 May 2016 10:42:14