CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
30.4%
smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | 2.6.8 | cpe:/o:linux:linux_kernel:2.6.8::: |
linux | linux_kernel | 2.4.33 | cpe:/o:linux:linux_kernel:2.4.33::: |
secunia.com/advisories/23361
secunia.com/advisories/23370
secunia.com/advisories/23395
secunia.com/advisories/25683
www.debian.org/security/2006/dsa-1233
www.novell.com/linux/security/advisories/2007_35_kernel.html
www.securityfocus.com/bid/21523
www.us.debian.org/security/2006/dsa-1237
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10171