Vulnerabilities > CVE-2006-2185 - Local Information Disclosure vulnerability in Novell Netware 6.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
References
- http://secunia.com/advisories/20288
- http://securitytracker.com/id?1016106
- http://support.novell.com/cgi-bin/search/searchtid.cgi?2973698.htm
- http://www.osvdb.org/25780
- http://www.securityfocus.com/bid/18017
- http://www.vupen.com/english/advisories/2006/1829
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26488