6.2

CVE-2007-6285

The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatEnterprise Linux Version4.0
RedhatEnterprise Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.272
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.2 1.9 10
AV:L/AC:H/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/28456
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:009
http://osvdb.org/40442
http://rhn.redhat.com/errata/RHSA-2007-1176.html
http://rhn.redhat.com/errata/RHSA-2007-1177.html
http://secunia.com/advisories/28156
Vendor Advisory
http://secunia.com/advisories/28168
Vendor Advisory
http://securitytracker.com/id?1019137
http://www.securityfocus.com/bid/26970
https://bugzilla.redhat.com/show_bug.cgi?id=426218
https://exchange.xforce.ibmcloud.com/vulnerabilities/39188
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11457
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00726.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00732.html