CVE-2007-3200 Information

Description

NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG which might allow local users to obtain the admin username and password by reading this file.

Reference

http://osvdb.org/35943 http://secunia.com/advisories/25592 http://securitytracker.com/id?1018215 http://www.securityfocus.com/bid/24405 http://www.vupen.com/english/advisories/2007/2118 https://exchange.xforce.ibmcloud.com/vulnerabilities/34806 https://secure-support.novell.com/KanisaPlatform/Publishing/249/3260550_f.SAL_Public.html