VAR-200702-0458
Vulnerability from variot - Updated: 2023-12-18 12:53The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client. Nortel SSL VPN Net Direct Client is prone to a local privilege-escalation vulnerability. Successfully exploiting this issue allows local users to execute arbitrary code with superuser privileges, facilitating the complete compromise of affected computers.
Secunia is proud to announce the availability of the Secunia Software Inspector.
The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.
Try it out online: http://secunia.com/software_inspector/
TITLE: Nortel Net Direct Client for Linux Privilege Escalation
SECUNIA ADVISORY ID: SA24231
VERIFY ADVISORY: http://secunia.com/advisories/24231/
CRITICAL: Less critical
IMPACT: Privilege escalation
WHERE: Local system
SOFTWARE: Nortel Net Direct Client for Linux 6.x http://secunia.com/product/13523/
DESCRIPTION: Jon Hart has reported a vulnerability in Net Direct Client for Linux, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused by a combination of insecure permissions and a race condition when downloading and executed client binaries.
The vulnerability is reported in versions 6.0.1 through 6.0.3.
SOLUTION: Update to version 6.0.5.
PROVIDED AND/OR DISCOVERED BY: Jon Hart, spoofed.org.
ORIGINAL ADVISORY: Nortel Networks: http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540071
Jon Hart: http://spoofed.org/blog/archive/2007/02/nortel_vpn_unix_client_local_root_compromise.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200702-0458",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "net direct client",
"scope": "lte",
"trust": 1.0,
"vendor": "nortel",
"version": "6.0.4"
},
{
"model": "net direct client",
"scope": "lt",
"trust": 0.8,
"vendor": "nortel",
"version": "6.0.5"
},
{
"model": "alteon 2424 application switch",
"scope": "eq",
"trust": 0.6,
"vendor": "nortel",
"version": "23.2"
},
{
"model": "networks vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "30700"
},
{
"model": "networks vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "30500"
},
{
"model": "networks ssl vpn net direct client",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6.0.3"
},
{
"model": "networks ssl vpn net direct client",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6.0.2"
},
{
"model": "networks ssl vpn net direct client",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6.0.1"
},
{
"model": "networks ssl vpn module",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "networks application switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "24240"
},
{
"model": "networks ssl vpn net direct client",
"scope": "ne",
"trust": 0.3,
"vendor": "nortel",
"version": "6.0.5"
}
],
"sources": [
{
"db": "BID",
"id": "22632"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:alteon_2424_application_switch:23.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:ssl_vpn_module_1000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_gateway_3070:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nortel:net_direct_client:*:*:linux:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.4",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1057"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jon Hart discovered this vulnerability.",
"sources": [
{
"db": "BID",
"id": "22632"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
],
"trust": 0.9
},
"cve": "CVE-2007-1057",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-1057",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-24419",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-1057",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200702-363",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-24419",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24419"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client. Nortel SSL VPN Net Direct Client is prone to a local privilege-escalation vulnerability. \nSuccessfully exploiting this issue allows local users to execute arbitrary code with superuser privileges, facilitating the complete compromise of affected computers. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. \n\nTry it out online:\nhttp://secunia.com/software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nNortel Net Direct Client for Linux Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA24231\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24231/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nNortel Net Direct Client for Linux 6.x\nhttp://secunia.com/product/13523/\n\nDESCRIPTION:\nJon Hart has reported a vulnerability in Net Direct Client for Linux,\nwhich can be exploited by malicious, local users to gain escalated\nprivileges. \n\nThe vulnerability is caused by a combination of insecure permissions\nand a race condition when downloading and executed client binaries. \n\nThe vulnerability is reported in versions 6.0.1 through 6.0.3. \n\nSOLUTION:\nUpdate to version 6.0.5. \n\nPROVIDED AND/OR DISCOVERED BY:\nJon Hart, spoofed.org. \n\nORIGINAL ADVISORY:\nNortel Networks:\nhttp://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=540071\n\nJon Hart:\nhttp://spoofed.org/blog/archive/2007/02/nortel_vpn_unix_client_local_root_compromise.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"db": "BID",
"id": "22632"
},
{
"db": "VULHUB",
"id": "VHN-24419"
},
{
"db": "PACKETSTORM",
"id": "54539"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-24419",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24419"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-1057",
"trust": 2.8
},
{
"db": "BID",
"id": "22632",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "24231",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1017678",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "33304",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "3356",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0671",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003408",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363",
"trust": 0.7
},
{
"db": "MILW0RM",
"id": "3356",
"trust": 0.6
},
{
"db": "XF",
"id": "32597",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-64500",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-24419",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54539",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24419"
},
{
"db": "BID",
"id": "22632"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"db": "PACKETSTORM",
"id": "54539"
},
{
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
]
},
"id": "VAR-200702-0458",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-24419"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:53:17.449000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top page",
"trust": 0.8,
"url": "http://www.nortel-canada.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1057"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://spoofed.org/blog/archive/2007/02/nortel_vpn_unix_client_local_root_compromise.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/22632"
},
{
"trust": 1.7,
"url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2007/08/021886-01.pdf"
},
{
"trust": 1.7,
"url": "http://osvdb.org/33304"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017678"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24231"
},
{
"trust": 1.7,
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=540071"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/3356"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0671"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32597"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1057"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1057"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/32597"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/3356"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0671"
},
{
"trust": 0.3,
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=540071\u0026renditionid=\u0026poid=null"
},
{
"trust": 0.1,
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026amp;documentoid=540071"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13523/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24231/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24419"
},
{
"db": "BID",
"id": "22632"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"db": "PACKETSTORM",
"id": "54539"
},
{
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-24419"
},
{
"db": "BID",
"id": "22632"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"db": "PACKETSTORM",
"id": "54539"
},
{
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-24419"
},
{
"date": "2007-02-20T00:00:00",
"db": "BID",
"id": "22632"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"date": "2007-02-23T02:32:16",
"db": "PACKETSTORM",
"id": "54539"
},
{
"date": "2007-02-21T23:28:00",
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"date": "2007-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-24419"
},
{
"date": "2015-05-12T19:34:00",
"db": "BID",
"id": "22632"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003408"
},
{
"date": "2017-10-11T01:31:44.657000",
"db": "NVD",
"id": "CVE-2007-1057"
},
{
"date": "2007-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "22632"
},
{
"db": "PACKETSTORM",
"id": "54539"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Application Switch Used in products such as Net Direct Vulnerability in arbitrary code execution by other users in the client",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003408"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competitive condition",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200702-363"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…