CVE-2006-2185 — Netware vulnerability

3 documents3 sources

Severity

4.0MEDIUMNVD

EPSS

0.4%

top 41.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Netware

Timeline

PublishedMay 22

Latest updateMay 1

Description

PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDnovell/netware6.5

Patches

Patch: securitytracker.com ↗Patch: support.novell.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-wp7f-qjmf-6w6p: PORTAL↗2022-05-01

▶

CVEList

CVE-2006-2185: PORTAL↗2006-05-22

▶