Lucene search

[email protected]CVE-2007-5827

HistoryNov 05, 2007 - 7:46 p.m.

CVE-2007-5827

2007-11-0519:46:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2007-5827

iscsi

enterprise target

iscsitarget

weak permissions

local users

passwords

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.

Affected configurations

NVD

Node

debiandebian_linuxMatch4.0

debiandebian_linuxMatch4.0alpha

debiandebian_linuxMatch4.0amd64

debiandebian_linuxMatch4.0arm

debiandebian_linuxMatch4.0hppa

debiandebian_linuxMatch4.0ia-32

debiandebian_linuxMatch4.0ia-64

debiandebian_linuxMatch4.0m68k

debiandebian_linuxMatch4.0mips

debiandebian_linuxMatch4.0mipsel

debiandebian_linuxMatch4.0powerpc

debiandebian_linuxMatch4.0s390

debiandebian_linuxMatch4.0sparc

AND

iscsitargetiscsitargetMatch0.4.15

CPENameOperatorVersion
iscsitarget:iscsitargetiscsitargeteq0.4.15

CPE	Name	Operator	Version
iscsitarget:iscsitarget	iscsitarget	eq	0.4.15

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=448873

osvdb.org/42037

secunia.com/advisories/27483

www.securityfocus.com/bid/26299

exchange.xforce.ibmcloud.com/vulnerabilities/38228

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-5827

cvelist1 nvd1 ubuntucve1 prion1