Lucene search

[email protected]CVE-2007-0227

HistoryJan 13, 2007 - 2:28 a.m.

CVE-2007-0227

2007-01-1302:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

slocate

database management

local users

privacy issue

cve-2007-0227

5.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7.

CPENameOperatorVersion
slocate:slocateslocateeq3.1

CPE	Name	Operator	Version
slocate:slocate	slocate	eq	3.1

References

osvdb.org/33465

www.securityfocus.com/archive/1/456489/100/0/threaded

www.securityfocus.com/archive/1/456530/100/0/threaded

www.securityfocus.com/archive/1/456593/100/0/threaded

www.securityfocus.com/archive/1/456739/100/0/threaded

www.securityfocus.com/archive/1/464220/30/7320/threaded

www.securityfocus.com/bid/21989

www.ubuntu.com/usn/usn-425-1

5.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2007-0227

openvas3 prion1 ubuntu1 nessus3 ubuntucve1 slackware1