CVE-2006-4537

2006-09-05T14:04:00
ID CVE-2006-4537
Type cve
Reporter NVD
Modified 2017-07-19T21:33:10

Description

NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file.