SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2312)