CVE-2007-0475

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-0475
Multiple stack-based buffer overflows in utilities/smb4k_*.cpp in Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to gain privileges via unspecified vectors related to the args variable and unspecified other variables, in conjunction with the sudo configuration.

4.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://developer.berlios.de/bugs/?func=detailbug&bug_id=9631&group_id=769
http://developer.berlios.de/project/shownotes.php?release_id=11706
http://developer.berlios.de/project/shownotes.php?release_id=11902
http://developer.berlios.de/project/shownotes.php?release_id=9777
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0015.html
http://secunia.com/advisories/23937 Patch Vendor Advisory
http://secunia.com/advisories/23984
http://secunia.com/advisories/24111
http://secunia.com/advisories/24469
http://www.gentoo.org/security/en/glsa/glsa-200703-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:042
http://www.securityfocus.com/bid/22299
http://www.vupen.com/english/advisories/2007/0393
https://lists.berlios.de/pipermail/smb4k-announce/2006-December/000037.html Patch
http://developer.berlios.de/bugs/?func=detailbug&bug_id=9631&group_id=769
http://developer.berlios.de/project/shownotes.php?release_id=11706
http://developer.berlios.de/project/shownotes.php?release_id=11902
http://developer.berlios.de/project/shownotes.php?release_id=9777
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0015.html
http://secunia.com/advisories/23937 Patch Vendor Advisory
http://secunia.com/advisories/23984
http://secunia.com/advisories/24111
http://secunia.com/advisories/24469
http://www.gentoo.org/security/en/glsa/glsa-200703-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:042
http://www.securityfocus.com/bid/22299
http://www.vupen.com/english/advisories/2007/0393
https://lists.berlios.de/pipermail/smb4k-announce/2006-December/000037.html Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:smb4k:smb4k:0.4:*:*:*:*:*:*:*
cpe:2.3:a:smb4k:smb4k:0.5:*:*:*:*:*:*:*
cpe:2.3:a:smb4k:smb4k:0.6:*:*:*:*:*:*:*
cpe:2.3:a:smb4k:smb4k:0.7:*:*:*:*:*:*:*
History

No history.

Information

Published : 2007-02-03 23:28

Updated : 2025-04-09 00:30

NVD link : CVE-2007-0475

Mitre link : CVE-2007-0475

CVE.ORG link : CVE-2007-0475

JSON object : View

Products Affected

smb4k

  • smb4k
CWE
NVD-CWE-Other