CVE-2007-0472 in Smb4Kinfo

Summary

Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via unspecified manipulations of Smb4K s lock file, which is not properly handled by the remove_lock_file function in core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink attack on temporary files, which isn t properly handled by the writeFile function in core/smb4kfileio.cpp.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

01/24/2007

Disclosure

02/03/2007

Moderation

VulDB entry created

Entries

VDB-34812 (1)

CPE

ready

CWE

CWE-61 (Confirmed)

CVSS

4.9

EPSS

0.00078

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0472
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0472
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0472/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!