6.3 Medium
AI Score
Confidence
Low
3.4 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:M/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.3%
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
CPE | Name | Operator | Version |
---|---|---|---|
redhat:enterprise_linux | redhat enterprise linux | eq | 4.4 |
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
osvdb.org/37271
secunia.com/advisories/25631
secunia.com/advisories/25894
secunia.com/advisories/26909
secunia.com/advisories/27590
secunia.com/advisories/27706
secunia.com/advisories/28319
security.gentoo.org/glsa/glsa-200711-23.xml
support.avaya.com/elmodocs2/security/ASA-2007-526.htm
www.redhat.com/support/errata/RHSA-2007-0465.html
www.redhat.com/support/errata/RHSA-2007-0555.html
www.redhat.com/support/errata/RHSA-2007-0737.html
www.vupen.com/english/advisories/2007/3229
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230823
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11483