Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-5159

Опубликовано: 01 окт. 2007
Источник: nvd
CVSS2: 4.6
EPSS Низкий

Описание

The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor leak.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*
cpe:2.3:a:ntfs-3g:ntfs-3g:*:*:*:*:*:*:*:*
Версия до 1.913-1.fc7 (включая)
Конфигурация 2

Одновременно

cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:a:ntfs-3g:ntfs-3g:*:*:*:*:*:*:*:*

EPSS

Процентиль: 13%
0.00044
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2007-5159

ubuntu
около 18 лет назад

The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor leak.

debian логотип

CVE-2007-5159

debian
около 18 лет назад

The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g pac ...

github логотип

GHSA-r584-r284-xhg9

github
больше 3 лет назад

The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor leak.

EPSS

Процентиль: 13%
0.00044
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264