Vulnerability Description
AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs. Fixed in EventLog Analyzer Build 6000.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adventnet | Eventlog Analyzer | build_4030 |
Related Weaknesses (CWE)
References
- http://forums.adventnet.com/viewtopic.php?t=247521
- http://osvdb.org/42423
- http://secunia.com/advisories/27833
- http://www.securityfocus.com/bid/26304
- http://forums.adventnet.com/viewtopic.php?t=247521
- http://osvdb.org/42423
- http://secunia.com/advisories/27833
- http://www.securityfocus.com/bid/26304
FAQ
What is CVE-2007-6081?
CVE-2007-6081 is a vulnerability with a CVSS score of 7.5 (HIGH). AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers...
How severe is CVE-2007-6081?
CVE-2007-6081 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6081?
Check the references section above for vendor advisories and patch information. Affected products include: Adventnet Eventlog Analyzer.