Vulnerability Description
The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Unicore | Unicore Client | <= 5.6 |
References
- http://secunia.com/advisories/22765PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=461942Patch
- http://www.securityfocus.com/bid/20981
- http://www.vupen.com/english/advisories/2006/4419
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30157
- http://secunia.com/advisories/22765PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=461942Patch
- http://www.securityfocus.com/bid/20981
- http://www.vupen.com/english/advisories/2006/4419
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30157
FAQ
What is CVE-2006-5842?
CVE-2006-5842 is a vulnerability with a CVSS score of 2.1 (LOW). The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information.
How severe is CVE-2006-5842?
CVE-2006-5842 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5842?
Check the references section above for vendor advisories and patch information. Affected products include: Unicore Unicore Client.