CVE-2006-4537

N/A Unknown

Published: September 05, 2006 Modified: April 16, 2026

Description

NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIECO03-V732.txt

Source: cve@mitre.org

ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.2/AXP_DNVOSIECO02-V82.txt

Source: cve@mitre.org

http://secunia.com/advisories/21705

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/23632

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1016772

Source: cve@mitre.org

http://securitytracker.com/id?1017472

Source: cve@mitre.org

http://www.osvdb.org/28272

Source: cve@mitre.org

http://www.securityfocus.com/bid/19783

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2006/3423

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/28695

Source: cve@mitre.org

ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIECO03-V732.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.2/AXP_DNVOSIECO02-V82.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21705

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://secunia.com/advisories/23632

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1016772

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1017472

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/28272

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/19783

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.vupen.com/english/advisories/2006/3423

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/28695

Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.1%

22th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-200

Affected Vendors

dec

Related CVEs

CVE-2026-6977 7.3

CVE-2026-31685 N/A

CVE-2026-31684 N/A

CVE-2026-31683 N/A

CVE-2026-31682 N/A