CVE-2006-2045

Name of the Vulnerable Software and Affected Versions NetAccess NA75 version na-img-4.0.34.bin

Description The issue concerns the NetAccess NA75, specifically the na-img-4.0.34.bin version. There are two main problems: the shadow password file has world-readable permissions, allowing local users to view encrypted passwords, and the NetAccess database file has world-readable and writable permissions. This enables local users to not only view sensitive information but also modify data.

Recommendations For version na-img-4.0.34.bin, consider changing the permissions of the shadow password file to restrict access, and modify the NetAccess database file permissions to prevent unauthorized reading and writing. As a temporary workaround, restrict local user access to these files until a more permanent solution is available.