ID |
CVE-2007-0475
|
Summary |
Multiple stack-based buffer overflows in utilities/smb4k_*.cpp in Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to gain privileges via unspecified vectors related to the args variable and unspecified other variables, in conjunction with the sudo configuration. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:smb4k:smb4k:0.4:*:*:*:*:*:*:*
cpe:2.3:a:smb4k:smb4k:0.4:*:*:*:*:*:*:*
-
cpe:2.3:a:smb4k:smb4k:0.5:*:*:*:*:*:*:*
cpe:2.3:a:smb4k:smb4k:0.5:*:*:*:*:*:*:*
-
cpe:2.3:a:smb4k:smb4k:0.6:*:*:*:*:*:*:*
cpe:2.3:a:smb4k:smb4k:0.6:*:*:*:*:*:*:*
-
cpe:2.3:a:smb4k:smb4k:0.7:*:*:*:*:*:*:*
cpe:2.3:a:smb4k:smb4k:0.7:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.4 (as of 08-03-2011 - 02:49) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bid | 22299 | confirm | | gentoo | GLSA-200703-09 | mandriva | MDKSA-2007:042 | mlist | [smb4k-announce] 20061221 Smb4K 0.8.0 and security fixes released | secunia | | suse | SUSE-SR:2007:002 | vupen | ADV-2007-0393 |
|
Last major update |
08-03-2011 - 02:49 |
Published |
03-02-2007 - 23:28 |
Last modified |
08-03-2011 - 02:49 |