ID OSVDB:30252
Type osvdb
Reporter OSVDB
Modified 2006-11-08T09:33:49
Description
Solution Description
Upgrade to version 5.6_build5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
References:
Vendor URL: http://www.unicore.eu/
Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=461942
Secunia Advisory ID:22765
ISS X-Force ID: 30157
FrSIRT Advisory: ADV-2006-4419
CVE-2006-5842
Bugtraq ID: 20981
{"bulletinFamily": "software", "viewCount": 0, "reporter": "OSVDB", "references": [], "description": "## Solution Description\nUpgrade to version 5.6_build5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://www.unicore.eu/\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=461942\n[Secunia Advisory ID:22765](https://secuniaresearch.flexerasoftware.com/advisories/22765/)\nISS X-Force ID: 30157\nFrSIRT Advisory: ADV-2006-4419\n[CVE-2006-5842](https://vulners.com/cve/CVE-2006-5842)\nBugtraq ID: 20981\n", "affectedSoftware": [], "href": "https://vulners.com/osvdb/OSVDB:30252", "modified": "2006-11-08T09:33:49", "enchantments": {"score": {"value": 6.2, "vector": "NONE", "modified": "2017-04-28T13:20:26", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-5842"]}], "modified": "2017-04-28T13:20:26", "rev": 2}, "vulnersScore": 6.2}, "id": "OSVDB:30252", "title": "Unicore Client keystore Permission Weakness", "edition": 1, "published": "2006-11-08T09:33:49", "type": "osvdb", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvelist": ["CVE-2006-5842"], "lastseen": "2017-04-28T13:20:26", "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T05:27:25", "description": "The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information.\nThis vulnerability is addressed in the following product build:\r\nUnicore, Unicore Client, 5.6 build 5", "edition": 6, "cvss3": {}, "published": "2006-11-10T02:07:00", "title": "CVE-2006-5842", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-5842"], "modified": "2017-07-20T01:34:00", "cpe": ["cpe:/a:unicore:unicore_client:5.6"], "id": "CVE-2006-5842", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5842", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:unicore:unicore_client:5.6:*:*:*:*:*:*:*"]}]}
