Password Disclosure Vulnerability in Cisco Secure Access Control Server
CVE-2006-0561

Currently unrated

Key Information:

Vendor

Cisco
Status
Secure Access Control Server
Vendor
CVE Published:
10 May 2006

What is CVE-2006-0561?

The Cisco Secure Access Control Server (ACS) 3.x for Windows suffers from a vulnerability that permits storage of administrator passwords and master keys in the registry with inadequate permissions. This security flaw enables local users and potential remote administrators to exploit the system. By utilizing Microsoft's cryptographic API functions, they can decrypt these credentials and obtain the plaintext version of the sensitive master key, resulting in unauthorized access to administrative capabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/16743
vdb-entryx_refsource_BID
http://www.cisco.com/warp/public/707/cisco-sr-20060508-ac...
vendor-advisoryx_refsource_CISCO
http://www.symantec.com/enterprise/research/SYMSA-2006-00...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.