NVD

Id
63275  
Name
CVE-2006-4642  
Description
AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.  
Reject
 
CVSS Version
2  
CVSS Score
1.7  
Severity
Low  
CVSS Base Score
1.7  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.1  
CVSS Vector
(AV:L/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2016-12-20  
Published
2006-09-08  
Modified Date
2011-03-07  
Seq
2006-4642  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
329708 63275 CVE-2006-4642 1525  View
329709 63275 CVE-2006-4642 1016795  View
329710 63275 CVE-2006-4642 20060905 AuditWizard 6.3.2 gives away administrator password  View
329711 63275 CVE-2006-4642 19860  View
329712 63275 CVE-2006-4642 ADV-2006-3498  View
329713 63275 CVE-2006-4642 auditwizard-remoteaudit-password-disclosure(28743)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58948 JVNDB-2006-001214 AuditWizard における重要な情報を取得される脆弱性 AuditWizard には、LaytonCmdSvc.log へ平文で管理者パスワードを記録する "リモート監査" を使用するため、重要な情報を取得される脆弱性が存在します。 CVE-2006-4642 20744 CVE-2006-4642 63275 1.7 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001214.html 2006-09-08 2012-06-26 View