Local Information Disclosure Vulnerability in Sybase Database Plug-in by SpringSource
CVE-2009-2899

Currently unrated

Key Information:

Vendor
Vmware
Vendor
CVE Published:
5 December 2012

Summary

The monitor Perl script within the Sybase database plug-in for SpringSource Hyperic HQ prior to version 4.3 is susceptible to a local information disclosure vulnerability. This flaw enables local users to retrieve sensitive database credentials by listing the running process and its arguments, potentially exposing critical security information that could be exploited in subsequent attacks.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.