CVE-2006-0838

Name of the Vulnerable Software and Affected Versions IBM Tivoli Micromuse Netcool/NeuSecure version 3.0.236

Description The issue allows local users to gain privileges due to the storage of cleartext passwords in certain fields and a log file. Specifically, the cleartext passwords are stored in the CMS DBPASS, CMSM DBPASS, and RPT DBPASS fields in the /etc/neusecure.conf file, and in the /opt/NeuSecure/bin/ns archiver.log file.

Recommendations For IBM Tivoli Micromuse Netcool/NeuSecure version 3.0.236, update to a version that includes the fix privately confirmed by IBM to be available for these issues.