cve-2007-0895
Vulnerability from cvelistv5
Published
2007-02-13 01:00
Modified
2024-08-07 12:34
Severity ?
EPSS score ?
Summary
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1"
},
{
"name": "oval:org.mitre.oval:def:8272",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272"
},
{
"name": "24405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24405"
},
{
"name": "31880",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/31880"
},
{
"name": "24082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24082"
},
{
"name": "solaris-rm-dos(32399)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32399"
},
{
"name": "ADV-2007-0543",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0543"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "102782",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1"
},
{
"name": "oval:org.mitre.oval:def:8272",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272"
},
{
"name": "24405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24405"
},
{
"name": "31880",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/31880"
},
{
"name": "24082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24082"
},
{
"name": "solaris-rm-dos(32399)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32399"
},
{
"name": "ADV-2007-0543",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0543"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102782",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1"
},
{
"name": "oval:org.mitre.oval:def:8272",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272"
},
{
"name": "24405",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24405"
},
{
"name": "31880",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31880"
},
{
"name": "24082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24082"
},
{
"name": "solaris-rm-dos(32399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32399"
},
{
"name": "ADV-2007-0543",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0543"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0895",
"datePublished": "2007-02-13T01:00:00",
"dateReserved": "2007-02-12T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"A711CDC2-412C-499D-9FA6-7F25B06267C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"7BF232A9-9E0A-481E-918D-65FC82EF36D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2475113-CFE4-41C8-A86F-F2DA6548D224\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a \\\"..\\\" directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.\"}, {\"lang\": \"es\", \"value\": \"Condici\\u00f3n de carrera en el borrado de directorios recursivo con las opciones (1) -r o (2) -R en Solaris 8 hasta 10 anterior al 08/02/2007 permite a usuarios locales borrar ficheros y directorios como el usuario que est\\u00e1 ejecutando rm movi\\u00e9ndose de directorio de bajo nivel a uno de mayor nivel mientras est\\u00e1 siendo borrado, lo cual provoca que rm haga un chdir al directorio \\\"..\\\" que es de mayor nivel que lo esperado, posiblemente fuera del sistema de ficheros de root, un asunto relacionado con CVE-2002-0435.\"}]",
"id": "CVE-2007-0895",
"lastModified": "2024-11-21T00:26:59.983",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:H/Au:N/C:N/I:P/A:P\", \"baseScore\": 2.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 1.9, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2007-02-13T01:28:00.000",
"references": "[{\"url\": \"http://secunia.com/advisories/24082\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/24405\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/31880\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0543\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/32399\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/24082\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/24405\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/31880\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0543\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/32399\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2007-0895\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-02-13T01:28:00.000\",\"lastModified\":\"2024-11-21T00:26:59.983\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a \\\"..\\\" directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.\"},{\"lang\":\"es\",\"value\":\"Condici\u00f3n de carrera en el borrado de directorios recursivo con las opciones (1) -r o (2) -R en Solaris 8 hasta 10 anterior al 08/02/2007 permite a usuarios locales borrar ficheros y directorios como el usuario que est\u00e1 ejecutando rm movi\u00e9ndose de directorio de bajo nivel a uno de mayor nivel mientras est\u00e1 siendo borrado, lo cual provoca que rm haga un chdir al directorio \\\"..\\\" que es de mayor nivel que lo esperado, posiblemente fuera del sistema de ficheros de root, un asunto relacionado con CVE-2002-0435.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:N/I:P/A:P\",\"baseScore\":2.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":1.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"A711CDC2-412C-499D-9FA6-7F25B06267C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"7BF232A9-9E0A-481E-918D-65FC82EF36D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2475113-CFE4-41C8-A86F-F2DA6548D224\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/24082\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24405\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/31880\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0543\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/32399\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/24082\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24405\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/31880\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/32399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.