7.2

CVE-2007-3912

checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian-goodies Version0.27
DebianDebian-goodies Version0.33
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.262
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440411
Patch
http://osvdb.org/40483
http://secunia.com/advisories/26675
Vendor Advisory
http://secunia.com/advisories/27079
http://www.debian.org/security/2008/dsa-1527
http://www.securityfocus.com/bid/25569
http://www.ubuntu.com/usn/usn-526-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/36475