CVE-2005-2962

Name of the Vulnerable Software and Affected Versions ntlmaps versions prior to 0.9.9

Description The issue concerns a problem with the post-installation script of ntlmaps, which sets world-readable permissions for the configuration file. This allows local users to obtain the username and password, potentially leading to a breach of confidentiality. The vulnerability can be exploited by a local attacker.

Recommendations For versions prior to 0.9.9, update to version 0.9.9 or later to resolve the issue. As a temporary workaround, consider changing the permissions of the configuration file to prevent world-readable access until a patch is applied. Restrict access to the configuration file to minimize the risk of exploitation.