Vulnerability Name: CVE-2007-0392 (CCN-31693)
Assigned: 2007-01-18
Published: 2007-01-18
Updated: 2018-10-16
Summary: IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
CVSS v3 Severity:
  9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity:
  4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
  4.0 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:U/RC:UR)
  6.1 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Privileges
References:
  Source: CCN Type: BugTraq Mailing List, Thu Jan 18 2007 - 08:21:52 CST Multiple OS kernel insecure handling of stdio file descriptor
  Source: MITRE Type: CNA CVE-2007-0392
  Source: MITRE Type: CNA CVE-2007-0393
  Source: MITRE Type: CNA CVE-2007-0394
  Source: CCN Type: HP-UX Web site HP-UX 11i - Value leadership for enterprise UNIX
  Source: CCN Type: IBM AIX Web site IBM AIX 5L: UNIX operating system - an open UNIX solution
  Source: BUGTRAQ Type: UNKNOWN 20070118 Multiple OS kernel insecure handling of stdio file descriptor
  Source: BUGTRAQ Type: UNKNOWN 20070118 Re: Multiple OS kernel insecure handling of stdio file descriptor
  Source: CCN Type: Sun Solaris Web site Sun Microsystems
  Source: XF Type: UNKNOWN multipleos-descriptor-privilege-escalation(31693)
Vulnerable Configuration: Configuration 1: Configuration CCN 1: