What is CVE-2007-1192?

CVE-2007-1192 is a medium-severity vulnerability affecting HyperBFook Guestbook 1.30, a web-based guestbook application. This vulnerability allows remote attackers to access sensitive information, such as admin password hashes, due to insufficient access control. As a result, systems running HyperBook Guestbook 1.30, particularly web servers hosting the application, are at risk of unauthorized access and potential data breaches.

Who is impacted by this?

This specific vulnerability impacts only version 1.30 of the software. Users should be aware of the potential risks associated with this vulnerability, as it could lead to unauthorized access and data breaches.

What should I do if I’m affected?

If you're affected by the CVE-2007-1192 vulnerability, it's important to take action to protect your system. Here are some simple steps to follow:

1. Upgrade to a newer version of HyperBook Guestbook, if available.

2. Restrict access to sensitive files, such as data/gbconfiguration.dat, using server configurations.

3. Regularly monitor your system for signs of unauthorized access.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2007-1192 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This security issue affects HyperBook Guestbook 1.30 and allows remote attackers to access sensitive information, such as admin password hashes, due to insufficient access control. It was published on March 2, 2007, but no specific due date or required action is mentioned.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-Other, indicating insufficient access control in HyperBook Guestbook 1.30, allowing remote attackers to access sensitive information.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or refer to the sources below.

• CVE Record | CVE

• Secunia Advisory 24392