Vulnerabilities > CVE-2007-3200 - Local Information Disclosure vulnerability in Novell Modular Authentication Service 3.1.2
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- http://osvdb.org/35943
- http://secunia.com/advisories/25592
- http://securitytracker.com/id?1018215
- http://www.securityfocus.com/bid/24405
- http://www.vupen.com/english/advisories/2007/2118
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34806
- https://secure-support.novell.com/KanisaPlatform/Publishing/249/3260550_f.SAL_Public.html