|
|
CVE Reference: CVE-2006-2719 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2719 |
|
|
Description: JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords. |
|
|
CVE Status: Candidate |
|
|
References: ST 1016181 SREASON http://securityreason.com/securityalert/1000 SAID Secunia Advisory: SA20342 FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046398.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/435352/100/0/threaded |
|
| Return to the previous page. |
