7.2

CVE-2007-2838

The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GsambadGsambad Version0.1.4
   DebianDebian Linux Version4.0
   DebianDebian Linux Version4.0 Editionalpha
   DebianDebian Linux Version4.0 Editionamd64
   DebianDebian Linux Version4.0 Editionarm
   DebianDebian Linux Version4.0 Editionhppa
   DebianDebian Linux Version4.0 Editionia-32
   DebianDebian Linux Version4.0 Editionia-64
   DebianDebian Linux Version4.0 Editionm68k
   DebianDebian Linux Version4.0 Editionmips
   DebianDebian Linux Version4.0 Editionmipsel
   DebianDebian Linux Version4.0 Editionpowerpc
   DebianDebian Linux Version4.0 Editions390
   DebianDebian Linux Version4.0 Editionsparc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.262
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/37795
http://secunia.com/advisories/25909
Vendor Advisory
http://secunia.com/advisories/25914
Patch
Vendor Advisory
http://www.debian.org/security/2007/dsa-1327
Patch
http://www.securityfocus.com/bid/24717
https://exchange.xforce.ibmcloud.com/vulnerabilities/35401