Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-5964HistoryDec 13, 2007 - 6:46 p.m.
CVE-2007-5964
2007-12-1318:46:00
Debian Security Bug Tracker
security-tracker.debian.org
6
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
10.1%
The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | autofs | < 3.1.4-8 | autofs_3.1.4-8_all.deb |
| Debian | 11 | all | autofs | < 3.1.4-8 | autofs_3.1.4-8_all.deb |
| Debian | 999 | all | autofs | < 3.1.4-8 | autofs_3.1.4-8_all.deb |
Related
redhat
redhat
(RHSA-2007:1128) Important: autofs security update
2007-12-12 00:00:00
(RHSA-2007:1129) Important: autofs5 security update
2007-12-12 00:00:00
(RHSA-2007:1176) Important: autofs security update
2007-12-20 00:00:00
nessus
nessus
CentOS 5 : autofs (CESA-2007:1128)
2010-01-06 00:00:00
Fedora 8 : autofs-5.0.2-20 (2007-4532)
2007-12-17 00:00:00
CentOS 4 : autofs5 (CESA-2007:1129)
2013-06-29 00:00:00
openvas
openvas
RedHat Update for autofs RHSA-2007:1128-01
2009-03-06 00:00:00
RedHat Update for autofs RHSA-2007:1128-01
2009-03-06 00:00:00
Oracle: Security Advisory (ELSA-2007-1128)
2015-10-08 00:00:00
prion
prion
Default configuration
2007-12-13 18:46:00
fedora
fedora
[SECURITY] Fedora 7 Update: autofs-5.0.1-29
2007-12-15 19:25:29
[SECURITY] Fedora 8 Update: autofs-5.0.2-20
2007-12-15 19:29:54
[SECURITY] Fedora 8 Update: autofs-5.0.2-24
2007-12-21 21:10:37
ubuntucve
ubuntucve
CVE-2007-5964
2007-12-13 00:00:00
cvelist
cvelist
CVE-2007-5964
2007-12-13 18:00:00
oraclelinux
oraclelinux
Important: autofs5 security update
2007-12-12 00:00:00
Important: autofs security update
2007-12-12 00:00:00
centos
centos
autofs security update
2007-12-12 14:56:48
autofs5 security update
2007-12-12 19:39:58
autofs security update
2008-01-13 19:05:52
nvd
nvd
CVE-2007-5964
2007-12-13 18:46:00
cve
cve
CVE-2007-5964
2007-12-13 18:46:00
securityvulns
securityvulns
autofs privilege escalation
2008-01-13 00:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
10.1%
Related for DEBIANCVE:CVE-2007-5964