4.4
CVE-2007-2063
- EPSS 0.3%
- Veröffentlicht 18.04.2007 03:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for (1) the server pid file, which allows local users to cause arbitrary processes to be stopped, or (2) when _BPX_BATCH_UMASK is missing from the environment, creates HFS files with insecure permissions, which allows local users to read or modify these files and have other unknown impact.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ssh ≫ Tectia Server Editionibm_zos Version <= 5.3.0
Ssh ≫ Tectia Server Version5.0 Editionibm_zos
Ssh ≫ Tectia Server Version5.1.0 Editionibm_zos
Ssh ≫ Tectia Server Version5.2.0 Editionibm_zos
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.216 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 3.4 | 6.4 |
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
http://osvdb.org/34998
http://secunia.com/advisories/24916
http://securitytracker.com/id?1017913
http://www.osvdb.org/35014
http://www.securityfocus.com/bid/23508
http://www.ssh.com/documents/33/SSH_Tectia_Server_5.4.0_zOS_releasenotes.txt
http://www.vupen.com/english/advisories/2007/1414
https://exchange.xforce.ibmcloud.com/vulnerabilities/33699