Lucene search

Ubuntu.comUB:CVE-2007-0472

HistoryFeb 03, 2007 - 12:00 a.m.

CVE-2007-0472

2007-02-0300:00:00

ubuntu.com

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

14.4%

JSON

Multiple race conditions in Smb4K before 0.8.0 allow local users to (1)
modify arbitrary files via unspecified manipulations of Smb4K’s lock file,
which is not properly handled by the remove_lock_file function in
core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink
attack on temporary files, which isn’t properly handled by the writeFile
function in core/smb4kfileio.cpp.

OSVersionArchitecturePackageVersionFilename
ubuntu7.04noarchsmb4k< 0.8.0-1build1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	7.04	noarch	smb4k	< 0.8.0-1build1	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2007-0472

nvd.nist.gov/vuln/detail/CVE-2007-0472

security-tracker.debian.org/tracker/CVE-2007-0472

www.cve.org/CVERecord?id=CVE-2007-0472

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

14.4%

JSON

Related for UB:CVE-2007-0472