| Vulnerability Name: | CVE-2007-1507 (CCN-33180) | ||||||||
| Assigned: | 2007-03-20 | ||||||||
| Published: | 2007-03-20 | ||||||||
| Updated: | 2017-07-29 | ||||||||
| Summary: | The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the cache. | ||||||||
| CVSS v3 Severity: | 8.0 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-16 | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2007-1507 Source: CCN Type: SA24582 OpenAFS Spoofed "FetchStatus" Privilege Escalation Source: SECUNIA Type: Vendor Advisory 24582 Source: SECUNIA Type: Vendor Advisory 24599 Source: SECUNIA Type: Vendor Advisory 24607 Source: SECUNIA Type: UNKNOWN 24720 Source: GENTOO Type: UNKNOWN GLSA-200704-03 Source: CCN Type: SECTRACK ID: 1017807 OpenAFS FetchStatus Spoofing Lets Remote Users Gain Elevated Privileges Source: DEBIAN Type: Vendor Advisory DSA-1271 Source: DEBIAN Type: DSA-1271 openafs -- design error Source: CCN Type: GLSA-200704-03 OpenAFS: Privilege escalation Source: MANDRIVA Type: UNKNOWN MDKSA-2007:066 Source: CCN Type: OPENAFS-SA-2007-001 setuid (privilege escalation) in OpenAFS Unix based clients Source: MLIST Type: Vendor Advisory [OpenAFS-announce] 20070319 OpenAFS 1.4.4 available Source: MLIST Type: Patch, Vendor Advisory [OpenAFS-announce] 20070319 OpenAFS 1.5.17 release available Source: MLIST Type: UNKNOWN [OpenAFS-announce] 20070320 OpenAFS Security Advisory 2007-001: privilege escalation in Unix-based clients Source: CCN Type: OSVDB ID: 34368 OpenAFS Cache Manager FetchStatus Request Spoofing Privilege Escalation Source: BID Type: UNKNOWN 23060 Source: CCN Type: BID-23060 OpenAFS FetchStatus Reply Privilege Escalation Vulnerability Source: SECTRACK Type: UNKNOWN 1017807 Source: VUPEN Type: Vendor Advisory ADV-2007-1033 Source: XF Type: UNKNOWN openafs-setuid-privilege-escalation(33180) Source: XF Type: UNKNOWN openafs-setuid-privilege-escalation(33180) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||