{"href": "https://vulners.com/osvdb/OSVDB:35775", "history": [], "id": "OSVDB:35775", "reporter": "OSVDB", "published": "2007-04-06T07:33:24", "description": "## Solution Description\nUpgrade to version 6.0.106 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\n[Vendor Specific Advisory URL](http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5003822.html)\nSecurity Tracker: 1018006\n[Secunia Advisory ID:25160](https://secuniaresearch.flexerasoftware.com/advisories/25160/)\n[Related OSVDB ID: 35774](https://vulners.com/osvdb/OSVDB:35774)\nFrSIRT Advisory: ADV-2007-1436\n[CVE-2007-2476](https://vulners.com/cve/CVE-2007-2476)\nBugtraq ID: 23547\n", "title": "Novell SecureLogin (NSL) Active Directory (AD) Password Unspecified Remote Issue", "lastseen": "2017-04-28T13:20:31", "bulletinFamily": "software", "type": "osvdb", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "hash": "c5b57846fce68e9c86ce64bb35e16d0c42f30b251384956e1ba4b0d41fa288d2", "references": [], "edition": 1, "cvelist": ["CVE-2007-2476"], "affectedSoftware": [], "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-2476"]}, {"type": "nessus", "idList": ["NOVELL_SECURE_LOGIN_6_0_106.NASL"]}], "modified": "2017-04-28T13:20:31"}, "vulnersScore": 5.0}, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "1779f99d5437095bf614e2bb6fd5522b"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "b696dbd3702f991f24747043fce67985"}, {"key": "href", "hash": "f30a9f193b328ec01b34f93ecb63621d"}, {"key": "modified", "hash": "8476534589b94b5a6c15684df9f5dc53"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "8476534589b94b5a6c15684df9f5dc53"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "8d1d2e973f8e15585fd70a508ab40209"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "objectVersion": "1.2", "modified": "2007-04-06T07:33:24"}

{"cve": [{"lastseen": "2016-09-03T08:51:20", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes.", "modified": "2011-03-07T21:54:20", "published": "2007-05-02T19:19:00", "id": "CVE-2007-2476", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2476", "type": "cve", "title": "CVE-2007-2476", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:09:52", "bulletinFamily": "scanner", "description": "The version of Novell SecureLogin installed on the remote host is earlier than 6.0.106. Such versions reportedly grant a user excessive permissions to their own attributes in an Active Directory (AD) environment.\n\nThere is also a security issue with AD password change.\n\nNote that Novell strongly recommends the patch be applied if operating in an Active Directory environment regardless of whether SecureLogin is deployed in eDirectory or AD mode.", "modified": "2018-07-16T00:00:00", "id": "NOVELL_SECURE_LOGIN_6_0_106.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25125", "published": "2007-05-02T00:00:00", "title": "Novell SecureLogin < 6.0.106 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25125);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n\n script_cve_id(\"CVE-2007-2475\", \"CVE-2007-2476\");\n script_bugtraq_id(23547);\n\n script_name(english:\"Novell SecureLogin < 6.0.106 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Novell SecureLogin\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by\nmultiple issues.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Novell SecureLogin installed on the remote host is\nearlier than 6.0.106. Such versions reportedly grant a user excessive\npermissions to their own attributes in an Active Directory (AD)\nenvironment.\n\nThere is also a security issue with AD password change.\n\nNote that Novell strongly recommends the patch be applied if operating\nin an Active Directory environment regardless of whether SecureLogin\nis deployed in eDirectory or AD mode.\");\n # http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5003822.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b56c5a09\");\n script_set_attribute(attribute:\"solution\", value:\"Apply Novell SecureLogin 6.0.106 patch or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/04/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\n\n\n# Connect to the appropriate share.\nif (!get_kb_item(\"SMB/Registry/Enumerated\")) exit(1, \"KB 'SMB/Registry/Enumerated' not set to TRUE.\");\n\nport = kb_smb_transport();\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\nif(! smb_session_init()) audit(AUDIT_FN_FAIL, 'smb_session_init');\n\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:\"IPC$\");\nif (rc != 1)\n{\n NetUseDel();\n audit(AUDIT_SHARE_FAIL,\"IPC$\");\n}\n\n\n# Connect to remote registry.\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n NetUseDel();\n audit(AUDIT_REG_FAIL);\n}\n\n\n# Get some info about the install.\npath = NULL;\n\nkey = \"SOFTWARE\\Novell\\SecureLogin\";\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n item = RegQueryValue(handle:key_h, item:\"InstallPath\");\n if (!isnull(item))\n {\n path = item[1];\n if (\"\\SecretStore\" >< path) path = path - \"\\SecretStore\";\n }\n RegCloseKey(handle:key_h);\n}\nRegCloseKey(handle:hklm);\n\n\n# If it is...\nif (path)\n{\n NetUseDel(close:FALSE);\n\n # Make sure the executable exists.\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\n exe = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\slbroker.exe\", string:path);\n NetUseDel(close:FALSE);\n\n rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL,share);\n }\n\n fh = CreateFile(\n file:exe,\n desired_access:GENERIC_READ,\n file_attributes:FILE_ATTRIBUTE_NORMAL,\n share_mode:FILE_SHARE_READ,\n create_disposition:OPEN_EXISTING\n );\n if (!isnull(fh))\n {\n ver = GetFileVersion(handle:fh);\n CloseFile(handle:fh);\n }\n\n # There's a problem if the version is < 6.0.106.0.\n if (!isnull(ver))\n {\n fix = split(\"6.0.106.0\", sep:'.', keep:FALSE);\n for (i=0; i<4; i++)\n fix[i] = int(fix[i]);\n\n for (i=0; i<max_index(ver); i++)\n if ((ver[i] < fix[i]))\n {\n version = string(ver[0], \".\", ver[1], \".\", ver[2]);\n\n report = string(\n \"Novell SecureLogin version \", version, \" is installed under :\\n\",\n \"\\n\",\n \" \", path, \"\\n\"\n );\n security_hole(port:port, extra:report);\n\n break;\n }\n else if (ver[i] > fix[i])\n break;\n }\n}\nNetUseDel();\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}