CVE-2007-0829

Summary

CVE	CVE-2007-0829
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2007-02-07 22:28:00 UTC
Updated	2017-07-29 01:30:00 UTC
Description	avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even when a password has been set, which allows local users to bypass authentication requirements.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Alwil	Avast Antivirus	4.6.460	All	server	All
Application	Alwil	Avast Antivirus	4.6.489	All	server	All
Application	Alwil	Avast Antivirus	4.6.566	All	server	All
Application	Alwil	Avast Antivirus	4.7.660	All	server	All
Application	Alwil	Avast Antivirus	4.7.676	All	server	All
Application	Alwil	Avast Antivirus	4.6.460	All	server	All
Application	Alwil	Avast Antivirus	4.6.489	All	server	All
Application	Alwil	Avast Antivirus	4.6.566	All	server	All
Application	Alwil	Avast Antivirus	4.7.660	All	server	All
Application	Alwil	Avast Antivirus	4.7.676	All	server	All

References

Reference	Source	Link	Tags
avast! Server Edition Revision history	CONFIRM	www.avast.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com
33114	OSVDB	osvdb.org
avast! Server Edition Password Setting Security Issue - Advisories - Secunia	SECUNIA	secunia.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Avast! Antivirus Server Edition Password Setting Security Bypass Vulnerability	BID	www.securityfocus.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.