Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2614

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-2614
Last Modified 07 Mar 2011 09:36:35
Published 25 May 2006 09:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2614

Summary

Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 records system passwords in the world-readable scripts (1) /cr/hd_jobs_db.sh, (2) /cr/hd_plan_checkin.sh, and (3) /cr/oracle_plan_checkin.sh, which allows local users to obtain System Manager passwords.

Vulnerable Systems

Application

  • Sun N1 System Manager 1.1


References

SUNALERT - 102024

SECTRACK - 1016119

SECUNIA - 20127

XF - sun-systemmanager-password-disclosure(26521)

VUPEN - ADV-2006-1851

BID - 18023


Last Updated: 27 May 2016 10:42:40