4.4

CVE-2007-3740

The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.21.7
LinuxLinux Kernel Version2.2.27
LinuxLinux Kernel Version2.4.36
LinuxLinux Kernel Version2.4.36.1
LinuxLinux Kernel Version2.4.36.2
LinuxLinux Kernel Version2.4.36.3
LinuxLinux Kernel Version2.4.36.4
LinuxLinux Kernel Version2.4.36.5
LinuxLinux Kernel Version2.4.36.6
LinuxLinux Kernel Version2.6
LinuxLinux Kernel Version2.6.18
LinuxLinux Kernel Version2.6.18 Updaterc1
LinuxLinux Kernel Version2.6.18 Updaterc2
LinuxLinux Kernel Version2.6.18 Updaterc3
LinuxLinux Kernel Version2.6.18 Updaterc4
LinuxLinux Kernel Version2.6.18 Updaterc5
LinuxLinux Kernel Version2.6.18 Updaterc6
LinuxLinux Kernel Version2.6.18 Updaterc7
LinuxLinux Kernel Version2.6.19.4
LinuxLinux Kernel Version2.6.19.5
LinuxLinux Kernel Version2.6.19.6
LinuxLinux Kernel Version2.6.19.7
LinuxLinux Kernel Version2.6.20.16
LinuxLinux Kernel Version2.6.20.17
LinuxLinux Kernel Version2.6.20.18
LinuxLinux Kernel Version2.6.20.19
LinuxLinux Kernel Version2.6.20.20
LinuxLinux Kernel Version2.6.20.21
LinuxLinux Kernel Version2.6.21.5
LinuxLinux Kernel Version2.6.21.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.297
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.4 3.4 6.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29058
Vendor Advisory
http://www.debian.org/security/2008/dsa-1504
http://www.mandriva.com/security/advisories?name=MDVSA-2008:008
http://secunia.com/advisories/27436
Vendor Advisory
http://secunia.com/advisories/27747
Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
http://www.redhat.com/support/errata/RHSA-2007-0939.html
http://secunia.com/advisories/26760
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0705.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/28806
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
http://secunia.com/advisories/27912
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:105
http://secunia.com/advisories/26978
Vendor Advisory
http://www.debian.org/security/2007/dsa-1378
http://secunia.com/advisories/26955
Vendor Advisory
http://www.ubuntu.com/usn/usn-518-1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
http://www.securityfocus.com/bid/25672
https://bugzilla.redhat.com/show_bug.cgi?id=253314
https://exchange.xforce.ibmcloud.com/vulnerabilities/36593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9953