Vulnerabilities > CVE-2007-0108 - Unspecified vulnerability in Novell Client 4.91

CVSS 6.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

novell

nessus

NVD

Published: 2007-01-09

Updated: 2017-07-29

Summary

nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles.

Vulnerable Configurations

Part	Description	Count
Application	Novell Novell Client 4.91	1

Nessus

NASL family	Windows
NASL id	NOVELL_TID2974970.NASL
description	The file
last seen	2020-06-01
modified	2020-06-02
plugin id	23978
published	2007-01-06
reporter	This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/23978
title	Novell Client TS/Citrix Session Arbitrary User Profile Invocation

Summary

Vulnerable Configurations

Nessus

References