Vulnerability Details CVE-2007-1500
The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 23.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://bugs.gentoo.org/show_bug.cgi?id=159542
- http://osvdb.org/34267
- http://secunia.com/advisories/24526
- http://security.gentoo.org/glsa/glsa-200703-20.xml
- http://www.securityfocus.com/bid/23014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33057
- http://bugs.gentoo.org/show_bug.cgi?id=159542
- http://osvdb.org/34267
- http://secunia.com/advisories/24526
- http://security.gentoo.org/glsa/glsa-200703-20.xml
- http://www.securityfocus.com/bid/23014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33057
Products affected by CVE-2007-1500
-
cpe:2.3:o:gentoo:linux:-
-
cpe:2.3:o:gentoo:linux:1.2
-
cpe:2.3:o:gentoo:linux:1.4
-
cpe:2.3:o:gentoo:linux:2.1.30
-
cpe:2.3:o:gentoo:linux:2.2.28
-
cpe:2.3:o:gentoo:linux:2.3.30