PT-2006-1885 · Ibm · Ibm Tivoli Micromuse Netcool/Neusecure

Published

2006-02-22

Updated

2018-10-18

CVE-2006-0838

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Tivoli Micromuse Netcool/NeuSecure version 3.0.236

Description The issue allows local users to gain privileges due to the storage of cleartext passwords in certain fields and a log file. Specifically, the cleartext passwords are stored in the CMS DBPASS, CMSM DBPASS, and RPT DBPASS fields in the /etc/neusecure.conf file, and in the /opt/NeuSecure/bin/ns archiver.log file.

Recommendations For IBM Tivoli Micromuse Netcool/NeuSecure version 3.0.236, update to a version that includes the fix privately confirmed by IBM to be available for these issues.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0838

Affected Products

Ibm Tivoli Micromuse Netcool/Neusecure

PT-2006-1885 · Ibm · Ibm Tivoli Micromuse Netcool/Neusecure

CVE-2006-0838

Related Identifiers

Affected Products

References · 11