Lucene search

[email protected]CVE-2007-3849

HistorySep 05, 2007 - 1:17 a.m.

CVE-2007-3849

2007-09-0501:17:00

CWE-264

[email protected]

web.nvd.nist.gov

red hat enterprise linux

rhel

aide

rpm

cve-2007-3849

file integrity check

nvd

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.1%

JSON

Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.

Affected configurations

NVD

Node

redhatenterprise_linuxMatch5.0desktop

redhatenterprise_linuxMatch5.0server

CPENameOperatorVersion
redhat:enterprise_linuxredhat enterprise linuxeq5.0

CPE	Name	Operator	Version
redhat:enterprise_linux	redhat enterprise linux	eq	5.0

References

osvdb.org/40439

secunia.com/advisories/26711

www.redhat.com/support/errata/RHSA-2007-0539.html

www.securityfocus.com/bid/25542

www.securitytracker.com/id?1018652

bugzilla.redhat.com/show_bug.cgi?id=236923

exchange.xforce.ibmcloud.com/vulnerabilities/36452

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10217

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.1%

JSON

Related for CVE-2007-3849

openvas1 cvelist1 nessus4 redhat1 nvd1 centos1 veracode1 prion1 oraclelinux1