CVE-1999-1126

Currently unrated

Key Information:

Vendor: Cisco
Status: Resource Manager
Vendor: CVE Published:; 31 December 1999

Summary

Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".

References

http://ciac.llnl.gov/ciac/bulletins/i-086.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

https://exchange.xforce.ibmcloud.com/vulnerabilities/1575

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/770/crmtmp-pub.shtml

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Dec 31, 1999