CVE-2006-2430
CVE-2006-2430
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.htmlhttp://secunia.com/advisories/20032http://securityreason.com/securityalert/910http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang=http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=onlyhttp://www.osvdb.org/25372http://www.vupen.com/english/advisories/2006/1736