6.8 Medium
AI Score
Confidence
Low
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
14.2%
Multiple stack-based buffer overflows in utilities/smb4k_*.cpp in Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to gain privileges via unspecified vectors related to the args variable and unspecified other variables, in conjunction with the sudo configuration.
CPE | Name | Operator | Version |
---|---|---|---|
smb4k:smb4k | smb4k | eq | 0.7 |
smb4k:smb4k | smb4k | eq | 0.4 |
smb4k:smb4k | smb4k | eq | 0.6 |
smb4k:smb4k | smb4k | eq | 0.5 |
developer.berlios.de/bugs/?func=detailbug&bug_id=9631&group_id=769
developer.berlios.de/project/shownotes.php?release_id=11706
developer.berlios.de/project/shownotes.php?release_id=11902
developer.berlios.de/project/shownotes.php?release_id=9777
lists.suse.com/archive/suse-security-announce/2007-Jan/0015.html
secunia.com/advisories/23937
secunia.com/advisories/23984
secunia.com/advisories/24111
secunia.com/advisories/24469
www.gentoo.org/security/en/glsa/glsa-200703-09.xml
www.mandriva.com/security/advisories?name=MDKSA-2007:042
www.securityfocus.com/bid/22299
www.vupen.com/english/advisories/2007/0393
lists.berlios.de/pipermail/smb4k-announce/2006-December/000037.html