Lucene search

PRIOn knowledge basePRION:CVE-2007-4135

HistorySep 05, 2007 - 1:17 a.m.

Code injection

2007-09-0501:17:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.6%

JSON

The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by “root” instead of “nobody” if the file exists on the server but not on the client.

CPENameOperatorVersion
nfsidmaple0.16.22

CPE	Name	Operator	Version
	nfsidmap	le	0.16.22

References

osvdb.org/45825

secunia.com/advisories/26674

secunia.com/advisories/27043

www.mandriva.com/security/advisories?name=MDKSA-2007:240

www.novell.com/linux/security/advisories/2007_18_sr.html

www.redhat.com/support/errata/RHSA-2007-0951.html

www.securityfocus.com/bid/26767

exchange.xforce.ibmcloud.com/vulnerabilities/36396

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9864

6.4 Medium

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.6%

JSON

Related for PRION:CVE-2007-4135