CVE-2006-3878

Name of the Vulnerable Software and Affected Versions Opsware Network Automation System (NAS) version 6.0

Description The issue concerns insecure permissions set by Opsware Network Automation System (NAS) 6.0 on the /etc/init.d/mysql file. This allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.

Recommendations For Opsware Network Automation System (NAS) version 6.0, consider changing the permissions of the /etc/init.d/mysql file to secure it and prevent unauthorized access. As a temporary workaround, restrict access to the /etc/init.d/mysql file until a proper fix is applied.