Lucene search

[email protected]CVE-2007-3191

HistoryJun 12, 2007 - 11:30 p.m.

CVE-2007-3191

2007-06-1223:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3191

jffnms

network management

remote attack

phpinfo

security vulnerability

nvd

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

6.1 Medium

AI Score

Confidence

Low

0.078 Low

EPSS

Percentile

94.2%

JSON

Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function.

Affected configurations

NVD

Node

jffnmsjust_for_fun_network_management_systemMatch0.8.3

CPENameOperatorVersion
jffnms:just_for_fun_network_management_systemjffnms just for fun network management systemeq0.8.3

CPE	Name	Operator	Version
jffnms:just_for_fun_network_management_system	jffnms just for fun network management system	eq	0.8.3

References

marc.info/?l=full-disclosure&m=118151087109711&w=2

osvdb.org/37167

secunia.com/advisories/25587

secunia.com/advisories/26769

www.debian.org/security/2007/dsa-1374

www.securityfocus.com/archive/1/471039/100/0/threaded

www.securityfocus.com/bid/24414

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

6.1 Medium

AI Score

Confidence

Low

0.078 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2007-3191

cvelist1 ubuntucve1 prion1 nvd1 nessus1 openvas2 osv1 debian1