Vulnerabilities > CVE-2006-5199 - Local Information Disclosure vulnerability in Adobe Contribute Publishing Server
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Adobe Contribute Publishing Server leaks the administrator password in logs that are created during product installation, which allows local users to gain privileges to the server.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Windows |
NASL id | ADOBE_CPS_PASSWORD_DISCLOSURE.NASL |
description | Adobe Contribute Publishing Server, a web publishing management application, is installed on the remote Windows host. The version of Contribute Publishing Server on the remote host logged a copy of the password specified for the administrator as part of the installation process. A local user may be able to leverage this flaw to gain administrative access to the affected application and potentially other resources. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 22540 |
published | 2006-10-11 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/22540 |
title | Adobe Contribute Publishing Server Administrator Password Local Disclosure |
References
- http://secunia.com/advisories/22329
- http://securitytracker.com/id?1017038
- http://www.adobe.com/support/security/bulletins/apsb06-15.html
- http://www.osvdb.org/29672
- http://www.securityfocus.com/bid/20439
- http://www.vupen.com/english/advisories/2006/4001
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29441