Michael Freeman

**Name of the Vulnerable Software and Affected Versions** Opsware Network Automation System (NAS) version 6.0 **Description** The issue concerns insecure permissions set by Opsware Network Automation System (NAS) 6.0 on the /etc/init.d/mysql file. This allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql. **Recommendations** For Opsware Network Automation System (NAS) version 6.0, consider changing the permissions of the /etc/init.d/mysql file to secure it and prevent unauthorized access. As a temporary workaround, restrict access to the /etc/init.d/mysql file until a proper fix is applied.