cvelistv5 - cve-2007-0470

CVE-2007-0470 (GCVE-0-2007-0470)

Vulnerability from cvelistv5

Published

2007-01-24 01:00

Modified

2024-08-07 12:19

Severity ?

CWE

Summary

Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.

References

URL

Tags

cve@mitre.org	http://osvdb.org/31616
cve@mitre.org	http://secunia.com/advisories/23821
cve@mitre.org	http://securitytracker.com/id?1017546
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1	Patch
cve@mitre.org	http://www.securityfocus.com/bid/22190
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0317
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/31669
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/31616
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23821
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017546
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22190
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0317
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/31669
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:19:30.522Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1017546",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017546"
          },
          {
            "name": "102773",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
          },
          {
            "name": "solaris-tip-privilege-escalation(31669)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
          },
          {
            "name": "oval:org.mitre.oval:def:2038",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
          },
          {
            "name": "ADV-2007-0317",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0317"
          },
          {
            "name": "22190",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22190"
          },
          {
            "name": "23821",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23821"
          },
          {
            "name": "31616",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/31616"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1017546",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017546"
        },
        {
          "name": "102773",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
        },
        {
          "name": "solaris-tip-privilege-escalation(31669)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
        },
        {
          "name": "oval:org.mitre.oval:def:2038",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
        },
        {
          "name": "ADV-2007-0317",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0317"
        },
        {
          "name": "22190",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22190"
        },
        {
          "name": "23821",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23821"
        },
        {
          "name": "31616",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/31616"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0470",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1017546",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017546"
            },
            {
              "name": "102773",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
            },
            {
              "name": "solaris-tip-privilege-escalation(31669)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
            },
            {
              "name": "oval:org.mitre.oval:def:2038",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
            },
            {
              "name": "ADV-2007-0317",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0317"
            },
            {
              "name": "22190",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22190"
            },
            {
              "name": "23821",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23821"
            },
            {
              "name": "31616",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/31616"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0470",
    "datePublished": "2007-01-24T01:00:00",
    "dateReserved": "2007-01-23T00:00:00",
    "dateUpdated": "2024-08-07T12:19:30.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-0470\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-01-24T01:28:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades no especificadas en tip de Sun Solaris 8, 9, y 10 permite a usuarios locales obtener privilegios de cuentas uucp mediante vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"A711CDC2-412C-499D-9FA6-7F25B06267C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"7BF232A9-9E0A-481E-918D-65FC82EF36D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2475113-CFE4-41C8-A86F-F2DA6548D224\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/31616\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23821\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1017546\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/22190\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0317\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/31669\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/31616\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23821\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1017546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/22190\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0317\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/31669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2007-0470

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.

Aliases

CVE-2007-0470

Aliases

CVE-2007-0470

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-0470",
    "description": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.",
    "id": "GSD-2007-0470"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-0470"
      ],
      "details": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.",
      "id": "GSD-2007-0470",
      "modified": "2023-12-13T01:21:35.848770Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-0470",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1017546",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1017546"
          },
          {
            "name": "102773",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
          },
          {
            "name": "solaris-tip-privilege-escalation(31669)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
          },
          {
            "name": "oval:org.mitre.oval:def:2038",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
          },
          {
            "name": "ADV-2007-0317",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/0317"
          },
          {
            "name": "22190",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/22190"
          },
          {
            "name": "23821",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23821"
          },
          {
            "name": "31616",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/31616"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0470"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102773",
              "refsource": "SUNALERT",
              "tags": [
                "Patch"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
            },
            {
              "name": "22190",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/22190"
            },
            {
              "name": "1017546",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1017546"
            },
            {
              "name": "23821",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23821"
            },
            {
              "name": "31616",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/31616"
            },
            {
              "name": "ADV-2007-0317",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0317"
            },
            {
              "name": "solaris-tip-privilege-escalation(31669)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
            },
            {
              "name": "oval:org.mitre.oval:def:2038",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:25Z",
      "publishedDate": "2007-01-24T01:28Z"
    }
  }
}

CERTA-2007-AVI-046

Vulnerability from certfr_avis

Une vulnérabilité de la commande tip dans Sun Solaris permettrait à une personne malveillante locale d'élever ses privilèges sur le système vulnérable.

Description

La commande tip permet sous Sun Solaris de se connecter à un système distant, par exemple via un port série. Sa configuration se trouve normalement dans le fichier /etc/remote, et l'utilisateur uucp est associé à ses privilèges d'accès.

Une vulnérabilité de cette commande permettrait à un utilisateur malveillant local d'exécuter du code arbitraire avec les privilèges de l'utilisateur uucp, quels que soient les siens.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Sun Solaris 10.
N/A	N/A	Sun Solaris 8 ;
N/A	N/A	Sun Solaris 9 ;

References

Title

Publication Time

ghsa-cw7v-c6ph-vc8g

Vulnerability from github

Published

2022-05-01 17:44

Modified

2022-05-01 17:44

Details

Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-0470"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-01-24T01:28:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.",
  "id": "GHSA-cw7v-c6ph-vc8g",
  "modified": "2022-05-01T17:44:35Z",
  "published": "2022-05-01T17:44:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0470"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/31616"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23821"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1017546"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/22190"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0317"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2007-0470

Vulnerability from fkie_nvd

Published

2007-01-24 01:28

Modified

2025-04-09 00:30

Severity ?

Summary

Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://osvdb.org/31616
cve@mitre.org	http://secunia.com/advisories/23821
cve@mitre.org	http://securitytracker.com/id?1017546
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1	Patch
cve@mitre.org	http://www.securityfocus.com/bid/22190
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0317
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/31669
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/31616
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23821
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017546
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22190
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0317
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/31669
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038

Impacted products

Vendor	Product	Version
sun	solaris	9.0
sun	solaris	10.0
sun	sunos	5.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en tip de Sun Solaris 8, 9, y 10 permite a usuarios locales obtener privilegios de cuentas uucp mediante vectores no especificados."
    }
  ],
  "id": "CVE-2007-0470",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-01-24T01:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/31616"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23821"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017546"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/22190"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0317"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/31616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22190"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0317"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-0470 (GCVE-0-2007-0470)

Vulnerability from cvelistv5

gsd-2007-0470

Vulnerability from gsd

CERTA-2007-AVI-046

Vulnerability from certfr_avis

Description

Solution

ghsa-cw7v-c6ph-vc8g

Vulnerability from github

fkie_cve-2007-0470

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature