CVE-2009-1466 Information

Description

Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini which allows local users to obtain sensitive information by reading this file.

Reference

http://securitytracker.com/id?1022204 http://www.securityfocus.com/archive/1/503434/100/0/threaded http://www.securityfocus.com/bid/34911 http://www.syhunt.com/advisories/?id=aas-multiple https://exchange.xforce.ibmcloud.com/vulnerabilities/50590