Vulnerabilites related to xfsdump - xfsdump
cve-2007-2654
Vulnerability from cvelistv5
Published
2007-05-14 21:00
Modified
2024-08-07 13:49
Severity ?
Summary
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
References
http://secunia.com/advisories/25761third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/23922vdb-entry, x_refsource_BID
http://osvdb.org/36716vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/26867third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-516-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/25425third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_10_sr.htmlvendor-advisory, x_refsource_SUSE
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894x_refsource_MISC
http://secunia.com/advisories/25220third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:134vendor-advisory, x_refsource_MANDRIVA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:49:56.255Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "25761",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25761"
          },
          {
            "name": "23922",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23922"
          },
          {
            "name": "36716",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36716"
          },
          {
            "name": "26867",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26867"
          },
          {
            "name": "USN-516-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-516-1"
          },
          {
            "name": "25425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25425"
          },
          {
            "name": "SUSE-SR:2007:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894"
          },
          {
            "name": "25220",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25220"
          },
          {
            "name": "MDKSA-2007:134",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:134"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-06-01T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "25761",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25761"
        },
        {
          "name": "23922",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23922"
        },
        {
          "name": "36716",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36716"
        },
        {
          "name": "26867",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26867"
        },
        {
          "name": "USN-516-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-516-1"
        },
        {
          "name": "25425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25425"
        },
        {
          "name": "SUSE-SR:2007:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894"
        },
        {
          "name": "25220",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25220"
        },
        {
          "name": "MDKSA-2007:134",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:134"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2654",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "25761",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25761"
            },
            {
              "name": "23922",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23922"
            },
            {
              "name": "36716",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36716"
            },
            {
              "name": "26867",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26867"
            },
            {
              "name": "USN-516-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-516-1"
            },
            {
              "name": "25425",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25425"
            },
            {
              "name": "SUSE-SR:2007:010",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894",
              "refsource": "MISC",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894"
            },
            {
              "name": "25220",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25220"
            },
            {
              "name": "MDKSA-2007:134",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:134"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2654",
    "datePublished": "2007-05-14T21:00:00",
    "dateReserved": "2007-05-14T00:00:00",
    "dateUpdated": "2024-08-07T13:49:56.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0173
Vulnerability from cvelistv5
Published
2003-04-15 04:00
Modified
2024-08-08 01:43
Severity ?
Summary
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
References
http://www.kb.cert.org/vuls/id/111673third-party-advisory, x_refsource_CERT-VN
http://www.mandriva.com/security/advisories?name=MDKSA-2003:047vendor-advisory, x_refsource_MANDRAKE
ftp://patches.sgi.com/support/free/security/advisories/20030404-01-Pvendor-advisory, x_refsource_SGI
http://www.debian.org/security/2003/dsa-283vendor-advisory, x_refsource_DEBIAN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#111673",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/111673"
          },
          {
            "name": "MDKSA-2003:047",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:047"
          },
          {
            "name": "20030404-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20030404-01-P"
          },
          {
            "name": "DSA-283",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2003-04-26T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#111673",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/111673"
        },
        {
          "name": "MDKSA-2003:047",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:047"
        },
        {
          "name": "20030404-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20030404-01-P"
        },
        {
          "name": "DSA-283",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0173",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#111673",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/111673"
            },
            {
              "name": "MDKSA-2003:047",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:047"
            },
            {
              "name": "20030404-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20030404-01-P"
            },
            {
              "name": "DSA-283",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0173",
    "datePublished": "2003-04-15T04:00:00",
    "dateReserved": "2003-03-28T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2003-05-05 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
References
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20030404-01-PPatch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2003/dsa-283Patch, Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/111673US Government Resource
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2003:047
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20030404-01-PPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2003/dsa-283Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/111673US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2003:047
Impacted products
Vendor Product Version
xfsdump xfsdump 2.0.0
xfsdump xfsdump 2.0.1
xfsdump xfsdump 2.0.2
xfsdump xfsdump 2.0.3
xfsdump xfsdump 2.0.4
xfsdump xfsdump 2.0.5
sgi irix 6.5
sgi irix 6.5.1
sgi irix 6.5.2
sgi irix 6.5.2f
sgi irix 6.5.2m
sgi irix 6.5.3
sgi irix 6.5.3f
sgi irix 6.5.3m
sgi irix 6.5.4
sgi irix 6.5.4f
sgi irix 6.5.4m
sgi irix 6.5.5
sgi irix 6.5.5f
sgi irix 6.5.5m
sgi irix 6.5.6
sgi irix 6.5.6f
sgi irix 6.5.6m
sgi irix 6.5.7
sgi irix 6.5.7f
sgi irix 6.5.7m
sgi irix 6.5.8
sgi irix 6.5.8f
sgi irix 6.5.8m
sgi irix 6.5.9
sgi irix 6.5.9f
sgi irix 6.5.9m
sgi irix 6.5.10
sgi irix 6.5.10f
sgi irix 6.5.10m
sgi irix 6.5.11
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.12
sgi irix 6.5.12f
sgi irix 6.5.12m
sgi irix 6.5.13
sgi irix 6.5.13f
sgi irix 6.5.13m
sgi irix 6.5.14
sgi irix 6.5.14f
sgi irix 6.5.14m
sgi irix 6.5.15
sgi irix 6.5.15f
sgi irix 6.5.15m
sgi irix 6.5.16
sgi irix 6.5.16f
sgi irix 6.5.16m
sgi irix 6.5.17
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.18
sgi irix 6.5.18f
sgi irix 6.5.18m
sgi irix 6.5.19
sgi irix 6.5.19f
sgi irix 6.5.19m


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xfsdump:xfsdump:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C941D825-AC1F-4FEB-BEBF-EC3DD6D1840A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfsdump:xfsdump:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E9F15C0-D3EE-40C9-842F-8B4E187D9AA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfsdump:xfsdump:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2FD081C-25D1-4277-85D3-BCB3D7C8B6D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfsdump:xfsdump:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3FEEC4A-337B-46AF-9B34-2C36BDB9D11A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfsdump:xfsdump:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "03023347-0DE0-47B9-BF24-D6039B2D5AB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfsdump:xfsdump:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "19925282-2563-4EC7-A266-A16E15D80DBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2f:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB113626-38E2-4C42-A6A9-4BBDA0AC4A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
              "matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
              "matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4f:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CEC8518-4DBA-43AA-90B8-279F2DD4A2DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4m:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F8286F3-DF0E-4D8E-A27D-0C5182D5870C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.5f:*:*:*:*:*:*:*",
              "matchCriteriaId": "B306EE13-57CF-43A6-AA72-C641C53A2A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.5m:*:*:*:*:*:*:*",
              "matchCriteriaId": "6291BEE1-73D2-4976-B065-E135880F73B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6f:*:*:*:*:*:*:*",
              "matchCriteriaId": "621C31D9-8102-4F2D-8008-B32020F0B831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6m:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF5E9B8-62F9-4A6F-9C0C-551980981366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7f:*:*:*:*:*:*:*",
              "matchCriteriaId": "F883CF73-CDA0-4B50-98E6-1B5DE0A4A816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6C9F200-68AC-4B45-8AFC-F604429FDF3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8f:*:*:*:*:*:*:*",
              "matchCriteriaId": "1742BF2B-63C7-441D-9A01-DE65C95911D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8m:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30B7C42-CEE8-4377-957C-BCCE35C071A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.9f:*:*:*:*:*:*:*",
              "matchCriteriaId": "B859D7F7-B0A6-4148-8146-F651ED3F99AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.9m:*:*:*:*:*:*:*",
              "matchCriteriaId": "59EC5B1A-309A-4DE2-A197-F4DC07A8DC3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.10f:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E7D3C74-CDD2-4DFF-A331-007E1669752A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.10m:*:*:*:*:*:*:*",
              "matchCriteriaId": "03FA10EA-F6E5-4A89-AC37-40FF6A147528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.11f:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C8E0DF6-D9C2-4DBC-9997-B5BFC6DEC9F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.11m:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E1480B-2183-45AD-B63F-16DEC9BF0398",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.12f:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D08345C-F945-410C-9DCB-8C358178F975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.12m:*:*:*:*:*:*:*",
              "matchCriteriaId": "8764BE36-9377-486C-9198-DF79A5A60679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.13f:*:*:*:*:*:*:*",
              "matchCriteriaId": "25243FA1-7AF7-41D4-8FAD-A5AB289E120D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.13m:*:*:*:*:*:*:*",
              "matchCriteriaId": "94D89730-AA61-4FC9-A6AB-0574CA51EE75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B24D34C-1F95-45C8-9A57-2D2622ED9019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B59E7C-B059-41CD-AE33-E9623ADA12BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF1B657-C910-4BB0-828C-09B6A59D988D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*",
              "matchCriteriaId": "72D61A9F-AC57-4DD9-9047-74BFA9BFACFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C254FC5D-895D-4EFC-B9A7-74699D9FE65E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13C07CC-F615-4F30-B532-4BF6F02F84DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*",
              "matchCriteriaId": "27532639-37CD-4BD2-AE48-F741009D3449",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*",
              "matchCriteriaId": "F83879DE-1BD7-4FF7-ACC6-5B119DB09BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BE3F77A-909E-4947-A808-BCAB7F96A108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F1E3C7-0FDD-46E1-8748-6A5FF669C95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "2334FD6C-444F-4042-AF6D-D654C18C9950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.19f:*:*:*:*:*:*:*",
              "matchCriteriaId": "61370032-AB21-4E93-B143-A92A342AFB1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.19m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C833FC19-D913-4C62-B14A-E1B3845D0275",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges."
    },
    {
      "lang": "es",
      "value": "xfsdq en xfsdump no crea los ficheros de informaci\u00f3n de cuota con seguridad, lo que permite a usuarios locales ganar privilegios de root."
    }
  ],
  "id": "CVE-2003-0173",
  "lastModified": "2024-11-20T23:44:08.757",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-05-05T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20030404-01-P"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2003/dsa-283"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/111673"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20030404-01-P"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2003/dsa-283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/111673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:047"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-05-14 21:19
Modified
2024-11-21 00:31
Severity ?
Summary
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
References
cve@mitre.orghttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894Exploit
cve@mitre.orghttp://osvdb.org/36716
cve@mitre.orghttp://secunia.com/advisories/25220Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/25425Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/25761Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/26867Vendor Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:134
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2007_10_sr.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/23922
cve@mitre.orghttp://www.ubuntu.com/usn/usn-516-1
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894Exploit
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/36716
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25220Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25425Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25761Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26867Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:134
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_10_sr.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23922
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-516-1
Impacted products
Vendor Product Version
suse suse_linux 1.0
suse suse_linux 8
suse suse_linux 8.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 10
suse suse_linux 10
suse suse_linux 10.0
suse suse_linux 10.1
suse suse_linux 10.1
suse suse_linux 10.2
suse suse_linux 10.2
suse suse_united_linux 1.0
suse suse_linux_openexchange_server 4.0
suse suse_linux_school_server gold
suse suse_linux_standard_server 8.0
suse suse_open_enterprise_server 9
xfsdump xfsdump 2.2.38
suse opensuse 10.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
              "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:retail_solution:*:*:*:*:*",
              "matchCriteriaId": "9E4D356D-E894-4957-AD61-DA1145CC51FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10:*:enterprise_desktop:*:*:*:*:*",
              "matchCriteriaId": "DC55429E-B607-402D-A491-0EFE7D522F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "C69ED2AB-9E0D-43B3-90F3-E2E10A5B1773",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "6A8AC384-D568-46AA-8B4C-4CCCE472BAA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "397B7AE2-248A-4D89-A562-CAA3AD66C862",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "20C0890B-643B-49C9-B066-8F7D0DF1D0A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D9558BE1-6549-44B5-B0C8-1BB57A96C3B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_united_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF777CD-BB4F-4F21-A58E-4A42BD7DDE6A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_openexchange_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "042AF078-032E-4058-9BB1-362A0AADDD92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_school_server:gold:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AB7A069E-9BFA-4DA0-918D-A60CF477D7DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_standard_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14B5A54A-07E9-4F28-8D2E-76B41C8F7965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_open_enterprise_server:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "154457C9-9D8C-4125-A3E4-14A87C36976E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfsdump:xfsdump:2.2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2304E36-F58C-42DF-8493-78D423A50546",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:opensuse:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "71A4AF36-9BE4-4083-A70A-E3CE1244A616",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems."
    },
    {
      "lang": "es",
      "value": "xfs_fsr en xfsdump crea un directorio temporal .fsr con permisos no seguros, que permite a usuarios locales leer o sobrescribir archivos arbitrarios en sistemas de archivos xfs."
    }
  ],
  "id": "CVE-2007-2654",
  "lastModified": "2024-11-21T00:31:19.847",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-14T21:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/36716"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25220"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25425"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25761"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26867"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:134"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23922"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-516-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/36716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-516-1"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}