Lucene search

[email protected]CVE-2007-4027

HistoryJul 26, 2007 - 7:30 p.m.

CVE-2007-4027

2007-07-2619:30:00

[email protected]

web.nvd.nist.gov

cve-2007-4027

buffer overflow

areca cli

privilege escalation

security vulnerability

6.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow local users to gain privileges via a long argument. NOTE: this program is not setuid by default, but there are some usage scenarios in which an administrator might make it setuid.

Affected configurations

NVD

Node

arecacliRange≤1.72.250

CPENameOperatorVersion
areca:cliareca clile1.72.250

CPE	Name	Operator	Version
areca:cli	areca cli	le	1.72.250

References

osvdb.org/38999

securityreason.com/securityalert/2928

www.devtarget.org/areca-advisory-07-2007.txt

www.securityfocus.com/archive/1/474415/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/35546

6.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-4027

cvelist1 prion1 nvd1