CVE-1999-1126 Information

Description

Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames passwords and SNMP community strings from (1) swim_swd.log (2) swim_debug.log (3) dbi_debug.log and (4) temporary files whose names begin with \DPR_.

Reference

http://ciac.llnl.gov/ciac/bulletins/i-086.shtml http://www.cisco.com/warp/public/770/crmtmp-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1575