Local Information Disclosure Vulnerability in Sybase Database Plug-in by SpringSource
CVE-2009-2899
Currently unrated
Summary
The monitor Perl script within the Sybase database plug-in for SpringSource Hyperic HQ prior to version 4.3 is susceptible to a local information disclosure vulnerability. This flaw enables local users to retrieve sensitive database credentials by listing the running process and its arguments, potentially exposing critical security information that could be exploited in subsequent attacks.
References
Timeline
Vulnerability Reserved
Vulnerability published