Vulnerability Description
nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nomachine | Nx Server | <= 2.1.0_17 |
References
- http://osvdb.org/33009
- http://secunia.com/advisories/23993PatchVendor Advisory
- http://www.nomachine.com/news_read.php?idnews=190Patch
- http://www.nomachine.com/tr/view.php?id=TR01E01622
- http://www.securityfocus.com/bid/22308
- http://www.vupen.com/english/advisories/2007/0413
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31941
- http://osvdb.org/33009
- http://secunia.com/advisories/23993PatchVendor Advisory
- http://www.nomachine.com/news_read.php?idnews=190Patch
- http://www.nomachine.com/tr/view.php?id=TR01E01622
- http://www.securityfocus.com/bid/22308
- http://www.vupen.com/english/advisories/2007/0413
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31941
FAQ
What is CVE-2007-0625?
CVE-2007-0625 is a vulnerability with a CVSS score of 4.9 (MEDIUM). nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspe...
How severe is CVE-2007-0625?
CVE-2007-0625 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0625?
Check the references section above for vendor advisories and patch information. Affected products include: Nomachine Nx Server.