Lucene search
UbuntuUSN-516-1HistorySep 20, 2007 - 12:00 a.m.
xfsdump vulnerability
2007-09-2000:00:00
ubuntu.com
28
6.1 Medium
AI Score
Confidence
Low
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Releases
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06
Packages
- xfsdump -
Details
Paul Martin discovered that xfs_fsr creates a temporary directory
with insecure permissions. This allows a local attacker to exploit a
race condition in xfs_fsr to read or overwrite arbitrary files on xfs
filesystems.
References
Related
cve
cve
CVE-2007-2654
2007-05-14 21:19:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 : xfsdump vulnerability (USN-516-1)
2007-11-10 00:00:00
Mandrake Linux Security Advisory : xfsdump (MDKSA-2007:134)
2007-06-27 00:00:00
openvas
openvas
Mandriva Update for xfsdump MDKSA-2007:134 (xfsdump)
2009-04-09 00:00:00
Ubuntu Update for xfsdump vulnerability USN-516-1
2009-03-23 00:00:00
Mandriva Update for xfsdump MDKSA-2007:134 (xfsdump)
2009-04-09 00:00:00
securityvulns
securityvulns
xfsdump symbolic links vulnerability
2007-06-22 00:00:00
ubuntucve
ubuntucve
CVE-2007-2654
2007-05-14 00:00:00
debiancve
debiancve
CVE-2007-2654
2007-05-14 21:19:00
prion
prion
Directory traversal
2007-05-14 21:19:00
6.1 Medium
AI Score
Confidence
Low
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for USN-516-1