5 matches found
EUVD-2006-0433
Malware in sbrugna...
Code injection
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges...
CVE-2006-0426
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges...
CVE-2006-0426
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges...
CVE-2006-0426
BEA WebLogic Server/WebLogic Express 8.1–SP4: when configuration auditing is enabled and a password change occurs, the old and new passwords are written in cleartext to DefaultAuditRecorder.log, potentially enabling privilege escalation. This mirrors the NVD description with a base CVSS v2 score ...