CVE-2007-4151

Name of the Vulnerable Software and Affected Versions Visionsoft Audit version 12.4.0.0

Description The issue allows remote attackers to obtain sensitive information. This can be achieved through three methods: (1) a LOG.ON command, which reveals the logging pathname in the server response, (2) a VER command, which reveals the version number in the server response, and (3) a connection, which reveals the version number in the banner.

Recommendations For Visionsoft Audit version 12.4.0.0, consider restricting access to the LOG.ON and VER commands to minimize the risk of exploitation. Additionally, restrict access to the connection banner to prevent version number disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.