admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-62xx/CVE-2007-6206.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

408 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-6206",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-12-04T00:46:00.000",
"lastModified": "2020-08-12T19:26:48.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information."
},
{
"lang": "es",
"value": "La funci\u00f3n do_coredump en el archivo fs/exec.c en el kernel de Linux versiones 2.4.x y versiones 2.6.x hasta 2.6.24-rc3, y posiblemente otras versiones, no cambia el UID de un archivo de volcado de n\u00facleo si \u00e9ste existe antes de una creaci\u00f3n de proceso root en un volcado de n\u00facleo en la misma ubicaci\u00f3n, lo que podr\u00eda permitir a los usuarios locales obtener informaci\u00f3n confidencial."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndIncluding": "2.4.35.2",
"matchCriteriaId": "91D6F35D-14A9-4F0B-816F-B89F7AAA3A20"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "2.6.24",
"matchCriteriaId": "D7B67565-ADA8-46B9-B3E0-2100CD53EE67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:-:*:*:*:*:*:*",
"matchCriteriaId": "6F3E61F3-1CF1-4176-94CD-89A408BCFC96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*",
"matchCriteriaId": "085259B8-9D41-42B0-B32B-66B8D365F106"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*",
"matchCriteriaId": "9A12DE15-E192-4B90-ADB7-A886B3746DD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*",
"matchCriteriaId": "FF6588E7-F4FA-40F5-8945-FC7B6094376E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24818450-FDA1-429A-AC17-68F44F584217"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B68DF-1440-4587-8458-9C5F4D1E43F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C8FC5E32-C9E3-49F6-9481-1DB60DEE8A07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:10:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E2120267-502B-4662-96BA-F32289F64B0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*",
"matchCriteriaId": "29184B59-5756-48DB-930C-69D5CD628548"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp1:*:*:*:*:*:*",
"matchCriteriaId": "33EB57D5-DE8D-417C-8C00-AD331D61181C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F81695D5-64C0-42B7-A048-1309C908F943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73322DEE-27A6-4D18-88A3-ED7F9CAEABD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B5DCF29-6830-45FF-BC88-17E2249C653D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"
}
]
}
]
}
],
"references": [
{
"url": "http://bugzilla.kernel.org/show_bug.cgi?id=3043",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=c46f739dd39db3b07ab5deb4e3ec81e1c04a91af",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000023.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2008-0055.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.debian.org/security/2007/dsa-1436",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2008/dsa-1503",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2008/dsa-1504",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:086",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:112",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0089.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0211.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0787.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/487808/100/0/threaded",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/26701",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.ubuntu.com/usn/usn-574-1",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/usn-578-1",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/4090",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2222/references",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38841",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10719",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink