Vulnerabilities > CVE-2006-2430 - Unspecified vulnerability in IBM Websphere Application Server
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
Vulnerable Configurations
References
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
- http://secunia.com/advisories/20032
- http://secunia.com/advisories/20032
- http://securityreason.com/securityalert/910
- http://securityreason.com/securityalert/910
- http://www.osvdb.org/25372
- http://www.osvdb.org/25372
- http://www.vupen.com/english/advisories/2006/1736
- http://www.vupen.com/english/advisories/2006/1736
- http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang=
- http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang=
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=only