Local File Read Vulnerability in NoMachine NX Node and NX Server Products
CVE-2011-3977

Currently unrated

Key Information:

Vendor: Nomachine
Status: Nx Server; Nx Node
Vendor: CVE Published:; 4 October 2011

What is CVE-2011-3977?

An unspecified vulnerability exists in the nxconfigure.sh script for NoMachine NX Node and NX Server versions prior to 3.5.0-4 and 3.5.0-5, respectively. This flaw allows local users to read arbitrary files, potentially leading to unauthorized access to sensitive information. Attack vectors are not clearly defined. Users and administrators are advised to apply the relevant patches to mitigate the risk associated with this vulnerability.

References

http://www.securityfocus.com/archive/1/519730/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/49720

vdb-entryx_refsource_BID

http://www.nomachine.com/tr/view.php?id=TR08I02575

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2011
Vulnerability Reserved
Oct 3, 2011

CVE-2011-3977 Data

JSON

Nomachine

What is CVE-2011-3977?

References

Timeline