CVE-2007-5827

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2007-5827
iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.

2.1 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448873
http://www.securityfocus.com/bid/26299
http://secunia.com/advisories/27483 Vendor Advisory
http://osvdb.org/42037
https://exchange.xforce.ibmcloud.com/vulnerabilities/38228
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*
cpe:2.3:a:iscsitarget:iscsitarget:0.4.15:*:*:*:*:*:*:*
Information

Published : 2007-11-05 11:46

Updated : 2017-07-28 18:33

NVD link : CVE-2007-5827

Mitre link : CVE-2007-5827

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

debian

  • debian_linux

iscsitarget

  • iscsitarget