CVE-2007-3200
Novell Modular Authentication Service (NMAS) <3.1.2 - Info Disclosure
Title source: llmDescription
NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file.
References (7)
Core 7
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2118
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24405
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/35943
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1018215
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25592
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34806
Vendor Advisory x_refsource_confirm
https://secure-support.novell.com/KanisaPlatform/Publishing/249/3260550_f.SAL_Public.html
Scores
EPSS
0.0006
EPSS Percentile
20.2%
Details
Status
published
Products (1)
novell/modular_authentication_service
< 3.1.2
Published
Jun 12, 2007
Tracked Since
Feb 18, 2026