CVE-2005-1606

Name of the Vulnerable Software and Affected Versions H-Sphere Winbox versions 2.4.2 through 2.4.3 RC1

Description The issue allows local users to gain privileges by accessing sensitive information stored in plaintext in world-readable log files. This information includes username and password.

Recommendations For versions 2.4.2 and 2.4.3 RC1, consider restricting access to the log files to prevent unauthorized users from reading sensitive information. As a temporary workaround, restrict write access to the log files to minimize the risk of exposing sensitive data.