← back
CVE-2006-1772

CVE-2006-1772

EPSS 0.4%
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361775http://secunia.com/advisories/19589http://www.securityfocus.com/bid/17477