CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6081
https://notcve.org/view.php?id=CVE-2007-6081
AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs. Fixed in EventLog Analyzer Build 6000. AdventNet EventLog Analyzer build 4030 para Windows, y posiblemente otras versiones y plataformas, instala una instancia de mysql con una cuenta "root" predeterminada sin contraseña, lo que permite a los atacantes remotos obtener privilegios y modificar registros. Corregido en EventLog Analyzer Build 6000. • http://forums.adventnet.com/viewtopic.php?t=247521 http://osvdb.org/42423 http://secunia.com/advisories/27833 http://www.securityfocus.com/bid/26304 • CWE-264: Permissions, Privileges, and Access Controls •