CVE-2007-1507 in OpenAFSinformazioni

Riassunto

di MITRE

The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the cache.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

20/03/2007

Divulgazione

20/03/2007

Moderazione

accettato

Voce

VDB-35679

CPE

pronto

CWE

CWE-16 (confermato)

CVSS

7.3 (VulDB)

EPSS

0.02522

KEV

Attività

molto basso

Settore

Industry, Lawfirm, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-1507
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1507
CVE Details	https://www.cvedetails.com/cve/CVE-2007-1507/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you know our Splunk app?

Download it now for free!