Vulnerabilities > CVE-2006-1772 - Local Database Administrator Password Disclosure vulnerability in Debian Linux 3.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 13 |