CVE-2007-0476 in OpenLDAPinfo

Summary

The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2.x before 2.2.28-r7, and 2.3.x before 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files via a symlink attack.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

01/24/2007

Disclosure

01/24/2007

Moderation

VulDB entry created

Entries

VDB-34595 (1)

CPE

ready

CWE

CWE-61 (Confirmed)

CVSS

5.9

EPSS

0.00068

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0476
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0476
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0476/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!