CVE-2006-2430 Information
Description
IBM WebSphere Application Server 5.0.2 and earlier 5.1.1 and earlier and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log which allows attackers to gain privileges.
Reference
http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html http://secunia.com/advisories/20032 http://securityreason.com/securityalert/910 http://www.osvdb.org/25372 http://www.vupen.com/english/advisories/2006/1736 http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang= http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064 http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=only
Share on: