4.4
CVE-2007-3740
- EPSS 0.38%
- Veröffentlicht 14.09.2007 01:17:00
- Zuletzt bearbeitet 16.06.2026 22:42:38
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version <= 2.6.21.7
Linux ≫ Linux Kernel Version2.2.27
Linux ≫ Linux Kernel Version2.4.36
Linux ≫ Linux Kernel Version2.4.36.1
Linux ≫ Linux Kernel Version2.4.36.2
Linux ≫ Linux Kernel Version2.4.36.3
Linux ≫ Linux Kernel Version2.4.36.4
Linux ≫ Linux Kernel Version2.4.36.5
Linux ≫ Linux Kernel Version2.4.36.6
Linux ≫ Linux Kernel Version2.6
Linux ≫ Linux Kernel Version2.6.18
Linux ≫ Linux Kernel Version2.6.18 Updaterc1
Linux ≫ Linux Kernel Version2.6.18 Updaterc2
Linux ≫ Linux Kernel Version2.6.18 Updaterc3
Linux ≫ Linux Kernel Version2.6.18 Updaterc4
Linux ≫ Linux Kernel Version2.6.18 Updaterc5
Linux ≫ Linux Kernel Version2.6.18 Updaterc6
Linux ≫ Linux Kernel Version2.6.18 Updaterc7
Linux ≫ Linux Kernel Version2.6.19.4
Linux ≫ Linux Kernel Version2.6.19.5
Linux ≫ Linux Kernel Version2.6.19.6
Linux ≫ Linux Kernel Version2.6.19.7
Linux ≫ Linux Kernel Version2.6.20.16
Linux ≫ Linux Kernel Version2.6.20.17
Linux ≫ Linux Kernel Version2.6.20.18
Linux ≫ Linux Kernel Version2.6.20.19
Linux ≫ Linux Kernel Version2.6.20.20
Linux ≫ Linux Kernel Version2.6.20.21
Linux ≫ Linux Kernel Version2.6.21.5
Linux ≫ Linux Kernel Version2.6.21.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.297 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 3.4 | 6.4 |
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/29058
http://www.debian.org/security/2008/dsa-1504
http://www.mandriva.com/security/advisories?name=MDVSA-2008:008
http://secunia.com/advisories/27436
http://secunia.com/advisories/27747
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
http://www.redhat.com/support/errata/RHSA-2007-0939.html
http://secunia.com/advisories/26760
http://www.redhat.com/support/errata/RHSA-2007-0705.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/28806
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
http://secunia.com/advisories/27912
http://www.mandriva.com/security/advisories?name=MDVSA-2008:105
http://secunia.com/advisories/26978
http://www.debian.org/security/2007/dsa-1378
http://secunia.com/advisories/26955
http://www.ubuntu.com/usn/usn-518-1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
http://www.securityfocus.com/bid/25672
https://bugzilla.redhat.com/show_bug.cgi?id=253314
https://exchange.xforce.ibmcloud.com/vulnerabilities/36593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9953