|
|
CVE Reference: CVE-2004-0653 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-0653 |
|
|
Description: Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/16450 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-101519-1 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57587 SAID Secunia Advisory: SA11940 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2065 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:255 CIAC http://www.ciac.org/ciac/bulletins/o-172.shtml CERT-VN 523710 BID 10606 |
|
| Return to the previous page. |
