Vulnerability Description
PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges.
CVSS Score
4.0
MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Netware | 6.5 |
References
- http://secunia.com/advisories/20288
- http://securitytracker.com/id?1016106Patch
- http://support.novell.com/cgi-bin/search/searchtid.cgi?2973698.htmPatch
- http://www.osvdb.org/25780
- http://www.securityfocus.com/bid/18017
- http://www.vupen.com/english/advisories/2006/1829
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26488
- http://secunia.com/advisories/20288
- http://securitytracker.com/id?1016106Patch
- http://support.novell.com/cgi-bin/search/searchtid.cgi?2973698.htmPatch
- http://www.osvdb.org/25780
- http://www.securityfocus.com/bid/18017
- http://www.vupen.com/english/advisories/2006/1829
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26488
FAQ
What is CVE-2006-2185?
CVE-2006-2185 is a vulnerability with a CVSS score of 4.0 (MEDIUM). PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to ...
How severe is CVE-2006-2185?
CVE-2006-2185 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2185?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Netware.