fkie_cve-2007-4131
Vulnerability from fkie_nvd
Published
2007-08-25 00:17
Modified
2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
References
secalert@redhat.comhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921
secalert@redhat.comhttp://docs.info.apple.com/article.html?artnum=307179
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
secalert@redhat.comhttp://secunia.com/advisories/26573
secalert@redhat.comhttp://secunia.com/advisories/26590
secalert@redhat.comhttp://secunia.com/advisories/26603
secalert@redhat.comhttp://secunia.com/advisories/26604
secalert@redhat.comhttp://secunia.com/advisories/26655
secalert@redhat.comhttp://secunia.com/advisories/26673
secalert@redhat.comhttp://secunia.com/advisories/26674
secalert@redhat.comhttp://secunia.com/advisories/26781
secalert@redhat.comhttp://secunia.com/advisories/26822
secalert@redhat.comhttp://secunia.com/advisories/26984
secalert@redhat.comhttp://secunia.com/advisories/27453
secalert@redhat.comhttp://secunia.com/advisories/27861
secalert@redhat.comhttp://secunia.com/advisories/28136
secalert@redhat.comhttp://secunia.com/advisories/28255
secalert@redhat.comhttp://security.FreeBSD.org/advisories/FreeBSD-SA-07:10.gtar.asc
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-200709-09.xml
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2007-383.htm
secalert@redhat.comhttp://www.debian.org/security/2007/dsa-1438
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:173
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2007_18_sr.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2007-0860.htmlPatch
secalert@redhat.comhttp://www.securityfocus.com/archive/1/477731/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/477865/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/25417
secalert@redhat.comhttp://www.securitytracker.com/id?1018599
secalert@redhat.comhttp://www.trustix.org/errata/2007/0026/
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-506-1
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA07-352A.htmlUS Government Resource
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2958
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/4238
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-1631
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10420
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7779
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html
af854a3a-2127-422b-91ae-364da2661108http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26573
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26590
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26603
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26604
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26655
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26673
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26674
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26781
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26822
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26984
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27453
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27861
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28136
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28255
af854a3a-2127-422b-91ae-364da2661108http://security.FreeBSD.org/advisories/FreeBSD-SA-07:10.gtar.asc
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200709-09.xml
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2007-383.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1438
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:173
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_18_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0860.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/477731/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/477865/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25417
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018599
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2007/0026/
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-506-1
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA07-352A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2958
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1631
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10420
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7779
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html
Impacted products
Vendor Product Version
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 5.0
redhat enterprise_linux_desktop 5.0
rpath rpath_linux 1
gnu tar 1.13
gnu tar 1.13.5
gnu tar 1.13.11
gnu tar 1.13.14
gnu tar 1.13.16
gnu tar 1.13.17
gnu tar 1.13.18
gnu tar 1.13.19
gnu tar 1.13.25
gnu tar 1.14
gnu tar 1.14.90
gnu tar 1.15
gnu tar 1.15.1
gnu tar 1.15.90
gnu tar 1.15.91
gnu tar 1.16


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*",
              "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:desktop:*:*:*:*:*",
              "matchCriteriaId": "3499D0E2-C80B-4B91-8843-8EC3C22E8BC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*",
              "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*",
              "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*",
              "matchCriteriaId": "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FA7050-9C48-490C-974E-BBED58A70E9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BCC81C4-718C-4D1C-9C0B-A49B6986D9EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "504BA480-EF7F-4604-A9D4-50C6C8576D1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2095CF90-0433-4F9A-A5F5-74A5C401E703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "322AD74F-6976-4261-9609-5678293B1FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "471DDE51-BE1B-48D1-AC07-D8CE971F0F9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FAAF649-BE68-47E2-BD25-EF9DF9B26655",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94C4466-E3D2-4275-86A8-5D180F493B04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.13.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "60CD7558-833D-473B-99A4-854FB6CC6C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C1F89-63A8-4955-9C42-3B49EC1C1C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.14.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E3F6678-D645-4614-8C57-2833BE8BE77E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE339D0-D585-440D-8BD4-5183833258F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8B4A20D-AAD0-4857-AC0F-D221EBB08BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.15.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B46F22-B0FB-4F99-B44E-D34E0DD5D194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.15.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D8F228C-6DED-42A2-BE9B-944171EAC10C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:tar:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6D83BA-6C85-43F3-87FD-A77CC6F1D21A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en la funci\u00f3n contains_dot_dot de src/names.c en GNU tar permite a atacantes remotos con la complicidad del usuario sobre-escribir ficheros de su elecci\u00f3n mediante determinadas secuencias //.. (barra barra punto punto) en los enlaces simb\u00f3licos de directorio en un fichero TAR."
    }
  ],
  "id": "CVE-2007-4131",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-25T00:17:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26573"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26590"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26603"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26604"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26655"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26673"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26674"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26781"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26822"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26984"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27453"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27861"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28255"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-07:10.gtar.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200709-09.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-383.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1438"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:173"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0860.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/477731/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/477865/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/25417"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1018599"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2007/0026/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-506-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2958"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1631"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10420"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7779"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26781"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26822"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-07:10.gtar.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200709-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-383.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0860.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/477731/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/477865/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25417"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2007/0026/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-506-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2958"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7779"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.