CVE-2006-2546 Information

Description

A recommended admin password reset mechanism for BEA WebLogic Server 8.1 when followed before October 10 2005 causes the administrator password to be stored in cleartext in the domain directory which could allow attackers to gain privileges.

Reference

http://dev2dev.bea.com/pub/advisory/193 http://secunia.com/advisories/20130 http://securitytracker.com/id?1016101 http://www.vupen.com/english/advisories/2006/1828 https://exchange.xforce.ibmcloud.com/vulnerabilities/26460