Vulnerability Details CVE-2006-2045
The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive information and modify data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.0%
CVSS Severity
CVSS v2 Score 3.6
References
- http://secunia.com/advisories/19818
- http://www.securityfocus.com/archive/1/432007/100/0/threaded
- http://www.securityfocus.com/bid/17698
- http://www.vupen.com/english/advisories/2006/1540
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26109
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26110
- http://secunia.com/advisories/19818
- http://www.securityfocus.com/archive/1/432007/100/0/threaded
- http://www.securityfocus.com/bid/17698
- http://www.vupen.com/english/advisories/2006/1540
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26109
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26110
Products affected by CVE-2006-2045
-
cpe:2.3:h:ip3_networks:ip3_netaccess_75:4.0.34_firmware