5 matches found
CVE-2007-4152
The CVE-2007-4152 issue affects Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0. The vulnerability allows remote replay of data from the DETAILS and PROCESS sections of a session that schedules an audit. This is the stated impact in the provided documents; no exploitation ...
CVE-2007-4150
The CVE-2007-4150 issue affects Visionsoft Audit 12.4.0.0 (Visionsoft Audit) where weak cryptography (XOR) is used for passwords: during transmission over the network (passwords can be sniffed) and in the configuration file (local read access can reveal passwords). No further exploit details are ...
CVE-2007-4148
CVE-2007-4148 concerns Visionsoft Audit’s Audit on Demand Service (VSAOD). A heap-based buffer overflow in VSAOD (Visionsoft Audit 12.4.0.0) is triggered by a long filename in a "LOG." command, enabling remote attackers to cause persistent daemon crashes and, per NVD, potentially execute arbitrar...
CVE-2007-4149
CVE-2007-4149 affects Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0. The issue occurs because unauthenticated remote commands (LOG., SETTINGSFILE, UNINSTALL) allow arbitrary file creation/overwrite, reconfiguration of VSAOD, or denial of service (daemon shutdown). The fi...
CVE-2007-4151
The CVE-2007-4151 issue affects Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0. It enables remote information disclosure via (1) LOG.ON (reveals the logging pathname), (2) VER (reveals the server version in responses), and (3) the banner in an initial connection. CVSSv2 b...