Vulnerabilities > CVE-2006-5199 - Local Information Disclosure vulnerability in Adobe Contribute Publishing Server

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
adobe
nessus

Summary

Adobe Contribute Publishing Server leaks the administrator password in logs that are created during product installation, which allows local users to gain privileges to the server.

Vulnerable Configurations

Part Description Count
Application
Adobe
1

Nessus

NASL familyWindows
NASL idADOBE_CPS_PASSWORD_DISCLOSURE.NASL
descriptionAdobe Contribute Publishing Server, a web publishing management application, is installed on the remote Windows host. The version of Contribute Publishing Server on the remote host logged a copy of the password specified for the administrator as part of the installation process. A local user may be able to leverage this flaw to gain administrative access to the affected application and potentially other resources.
last seen2020-06-01
modified2020-06-02
plugin id22540
published2006-10-11
reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/22540
titleAdobe Contribute Publishing Server Administrator Password Local Disclosure