2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
CPE | Name | Operator | Version |
---|---|---|---|
opsware:network_automation_system | opsware network automation system | eq | 6.0 |
secunia.com/advisories/21192
securityreason.com/securityalert/1289
securitytracker.com/id?1016566
www.securityfocus.com/archive/1/441024/100/0/threaded
www.securityfocus.com/archive/1/441296/100/0/threaded
www.securityfocus.com/archive/1/444223/100/0/threaded
www.securityfocus.com/bid/19126
exchange.xforce.ibmcloud.com/vulnerabilities/27995