|
Family: Windows --> Category: infos
Novell Client User Profile Access Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks file version of nwgina.dll
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host contains a DLL that is affected by an
unauthorized access vulnerability.
Description :
The file 'nwgina.dll' included with the Novell Client software
reportedly fails to delete user profiles when in a Terminal Server /
Citrix session. A local user may be able to leverage this issue to
invoke other user profiles on the affected host.
See also :
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm
Solution :
Install the 491psp3_nwgina.exe patch file referenced in the vendor
advisory above.
Threat Level:
Low / CVSS Base Score : 3.4
(AV:R/AC:H/Au:R/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|