Lucene search
+L

5 matches found

Prion
Prion
added 2006/03/14 1:6 a.m.16 views

Design/Logic Flaw

The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these...

7.5CVSS7.5AI score0.01536EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2006/02/22 2:2 a.m.16 views

Code injection

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for 1 /etc/neusecure.conf, 2 /opt/NeuSecure/etc/cms-3.0.236.buildconf, and 3 /opt/NeuSecure/bin/nsarchiver.log, which allows local users to read sensitive information such as passwords. NOTE: IBM has privately confirmed...

2.1CVSS6.1AI score0.00373EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2006/02/22 2:2 a.m.20 views

CVE-2006-0838

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the 1 CMSDBPASS, 2 CMSMDBPASS, and 3 RPTDBPASS fields in /etc/neusecure.conf, and in 4 /opt/NeuSecure/bin/nsarchiver.log, which allows local users to gain privileges. NOTE: IBM has privately confirmed to CVE that a fix i...

2.1CVSS6.4AI score0.00373EPSS
Exploits0References10
Prion
Prion
added 2006/02/22 2:2 a.m.17 views

Code injection

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the 1 CMSDBPASS, 2 CMSMDBPASS, and 3 RPTDBPASS fields in /etc/neusecure.conf, and in 4 /opt/NeuSecure/bin/nsarchiver.log, which allows local users to gain privileges. NOTE: IBM has privately confirmed to CVE that a fix i...

2.1CVSS6.9AI score0.00373EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2006/02/22 2:0 a.m.18 views

CVE-2006-0838

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the 1 CMSDBPASS, 2 CMSMDBPASS, and 3 RPTDBPASS fields in /etc/neusecure.conf, and in 4 /opt/NeuSecure/bin/nsarchiver.log, which allows local users to gain privileges. NOTE: IBM has privately confirmed to CVE that a fix i...

6.4AI score0.00373EPSS
Exploits0References10
Rows per page
Query Builder