Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-1716
HistoryMar 27, 2007 - 10:19 p.m.

CVE-2007-1716

2007-03-2722:19:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
22
cve-2007-1716
pam_console
ownership restoration
local users
privilege escalation
nvd

6.3 Medium

AI Score

Confidence

Low

3.4 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:M/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.3%

JSON

pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.

Related

securityvulns 2
veracode 1
prion 1
nessus 12
redhat 3
centos 2
openvas 3
oraclelinux 3
gentoo 1
vmware 1
securityvulns
securityvulns
Linux pam_console privilege escalation
2007-03-29 00:00:00
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
2007-09-21 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:16:10
prion
prion
Code injection
2007-03-27 22:19:00
nessus
nessus
Scientific Linux Security Update : pam on SL5.x
2012-08-01 00:00:00
Oracle Linux 5 : pam (ELSA-2007-0555)
2023-09-07 00:00:00
RHEL 4 : pam (RHSA-2007:0737)
2007-11-16 00:00:00
redhat
redhat
(RHSA-2007:0737) Moderate: pam security, bug fix, and enhancement update
2007-11-15 00:00:00
(RHSA-2007:0465) Moderate: pam security and bug fix update
2007-06-11 13:45:45
(RHSA-2007:0555) Moderate: pam security, bug fix, and enhancement update
2007-11-07 00:00:00
centos
centos
pam security update
2007-11-15 17:15:52
cdda2wav, cdrecord, mkisofs, pam security update
2007-06-11 20:19:31
openvas
openvas
Oracle: Security Advisory (ELSA-2007-0555)
2015-10-08 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
oraclelinux
oraclelinux
pam security, bug fix, and enhancement update
2007-11-19 00:00:00
pam security, bug fix, and enhancement update
2007-11-27 00:00:00
Moderate: pam security and bug fix update
2007-06-20 00:00:00
gentoo
gentoo
VMware Workstation and Player: Multiple vulnerabilities
2007-11-18 00:00:00
vmware
vmware
Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
2007-09-18 00:00:00

6.3 Medium

AI Score

Confidence

Low

3.4 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:M/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.3%

JSON
Related for CVE-2007-1716
securityvulns2veracode1prion1nessus12redhat3centos2openvas3oraclelinux3gentoo1vmware1