6.4

CVE-2007-3945

EPSS 0.75%
Published 23.07.2007 23:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Rsbac ≫ Rule Set Based Access Control Version < 1.3.5

Linux ≫ Linux Kernel Version >= 2.6.0 <= 2.6.39.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.75%	0.722

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt

Vendor Advisory

http://secunia.com/advisories/26147

Broken Link

http://securityreason.com/securityalert/2911

Third Party Advisory

http://www.securityfocus.com/archive/1/474161/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/25001

Third Party Advisory

Broken Link

VDB Entry

http://www.vupen.com/english/advisories/2007/2610

URL Repurposed

https://nvd.nist.gov/vuln/detail/CVE-2007-3945

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-3945

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-3945

EUVD