Lucene search

[email protected]NVD:CVE-2007-0253

HistoryJan 16, 2007 - 11:28 p.m.

CVE-2007-0253

2007-01-1623:28:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

20.8%

JSON

Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that “the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities.” The developer also cites a past disclosure that was not proven

Affected configurations

Nvd

Node

grsecuritygrsecurity_kernel_patch

VendorProductVersionCPE
grsecuritygrsecurity_kernel_patch*cpe:2.3:a:grsecurity:grsecurity_kernel_patch:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
grsecurity	grsecurity_kernel_patch	*	cpe:2.3:a:grsecurity:grsecurity_kernel_patch::::::::

References

forums.grsecurity.net/viewtopic.php?t=1646

grsecurity.net/news.php#digitalfud

www.digitalarmaments.com/news_news.shtml

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

20.8%

JSON

Related for NVD:CVE-2007-0253

cve1 cvelist1 prion1 securityvulns1