CVE-2007-4786

https://notcve.org/view.php?id=CVE-2007-4786

Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information. Cisco Adaptive Security Appliance (ASA) funcionando en PIX 7.0 anterior a 7.0.7.1, 7.1 anterior a 7.1.2.61, 7.2 anterior a 7.2.2.34, y 8.0 before 8.0.2.11, when AAA is enabled, escribe mensajes %ASA-5-111008 desde el comando "test aaa" con contraseñas en texto plano y envía las mismas a través de la red a un servidor de registros del sistema remoto o los coloca en un búfer local de validación, lo caul permite a atacantes dependientes del contexto obtener información sensible. • http://osvdb.org/37499 http://secunia.com/advisories/26677 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903 http://www.kb.cert.org/vuls/id/563673 http://www.kb.cert.org/vuls/id/MIMG-74ZK93 http://www.securityfocus.com/bid/25548 http://www.securitytracker.com/id?1018660 http://www.vupen.com/english/advisories/2007/3076 https://exchange.xforce.ibmcloud.com/vulnerabilities/36473 • CWE-319: Cleartext Transmission of Sensitive Information •