Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4646

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2008-4646
Last Modified 07 Mar 2011 10:12:48
Published 21 Oct 2008 08:11:50
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4646

Summary

The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database.

Vulnerable Systems

Application

  • Websense Enterpise 6.3.2


References

MISC - http://www.zebux.org/pub/Advisory/Advisory_Websense_Reporter_Password_Disclosure_200810.txt

VUPEN - ADV-2008-2819

SECTRACK - 1021058

BID - 31746

SECUNIA - 32264


Last Updated: 27 May 2016 10:48:34