CVE-2007-3192
Published 2007-06-12
CVE-2007-3192: admin/setup.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to read and modify configuration settings via a direct request.
Priority: P346 · critical · 9.4 · CVSS 2.0
AV:N/AC:L/Au:N/C:C/I:C/A:N
EXPLOIT
EPSS: 3.56% (87.9th percentile)
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jffnms | just_for_fun_network_management_system | — | — |
CVSS provenance
nvd · v2.0 · 9.4 · CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:N
vendor_redhat · 7.8 · HIGH
GHSA
GHSA-gwpx-qg6m-mrg3: admin/setup
ghsa_unreviewed·2022-05-01
CVE-2007-3192 [HIGH] GHSA-gwpx-qg6m-mrg3: admin/setup
admin/setup.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to read and modify configuration settings via a direct request.
Red Hat
httpd: multiple ranges DoS
vendor_redhat·2011-08-20·CVSS 7.8
CVE-2011-3192 [HIGH] httpd: multiple ranges DoS
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
Statement: Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18
Package: httpd (Red Hat Directory Server 8) - Affected
http://marc.info/?l=full-disclosure&m=118151087109711&w=2
http://osvdb.org/37168
http://secunia.com/advisories/25587
http://www.securityfocus.com/archive/1/471039/100/0/threaded
http://www.securityfocus.com/bid/24414
Published: 2007-06-12