ID CVE-2007-0482
Summary cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 allows local users to obtain the utadmin password by reading a web server's log file, or by conducting a different, unspecified local attack.
References
Vulnerable Configurations
  • Sun Ray Server Software 2.0
    cpe:2.3:a:sun:ray_server_software:2.0
  • Sun Ray Server Software 3.0
    cpe:2.3:a:sun:ray_server_software:3.0
CVSS
Base: 4.6 (as of 25-01-2007 - 11:18)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_114880.NASL
    description Sun Ray Server version 2.0 Patch Update. Date this patch was last updated by Sun : Feb/14/08
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 23368
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23368
    title Solaris 8 (sparc) : 114880-12
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_114880.NASL
    description Sun Ray Server version 2.0 Patch Update. Date this patch was last updated by Sun : Feb/14/08
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 23503
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23503
    title Solaris 9 (sparc) : 114880-12
refmap via4
bid 22192
osvdb 31671
sectrack 1017547
secunia 23900
sunalert 102779
vupen ADV-2007-0316
xf sunray-utadmin-information-disclosure(31700)
Last major update 07-03-2011 - 21:49
Published 24-01-2007 - 19:28
Last modified 28-07-2017 - 21:30
Back to Top