Vulnerability Description
NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Modular Authentication Service | <= 3.1.2 |
References
- http://osvdb.org/35943
- http://secunia.com/advisories/25592Vendor Advisory
- http://securitytracker.com/id?1018215
- http://www.securityfocus.com/bid/24405
- http://www.vupen.com/english/advisories/2007/2118
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34806
- https://secure-support.novell.com/KanisaPlatform/Publishing/249/3260550_f.SAL_Pu
- http://osvdb.org/35943
- http://secunia.com/advisories/25592Vendor Advisory
- http://securitytracker.com/id?1018215
- http://www.securityfocus.com/bid/24405
- http://www.vupen.com/english/advisories/2007/2118
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34806
- https://secure-support.novell.com/KanisaPlatform/Publishing/249/3260550_f.SAL_Pu
FAQ
What is CVE-2007-3200?
CVE-2007-3200 is a vulnerability with a CVSS score of 4.9 (MEDIUM). NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and pas...
How severe is CVE-2007-3200?
CVE-2007-3200 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3200?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Modular Authentication Service.