Vulnerability Details CVE-2007-2838
The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.6%
CVSS Severity
CVSS v2 Score 7.2
References
- http://osvdb.org/37795
- http://secunia.com/advisories/25909
- http://secunia.com/advisories/25914
- http://www.debian.org/security/2007/dsa-1327
- http://www.securityfocus.com/bid/24717
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35401
- http://osvdb.org/37795
- http://secunia.com/advisories/25909
- http://secunia.com/advisories/25914
- http://www.debian.org/security/2007/dsa-1327
- http://www.securityfocus.com/bid/24717
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35401
Products affected by CVE-2007-2838
-
cpe:2.3:a:gsambad:gsambad:0.1.4
-
cpe:2.3:o:debian:debian_linux:4.0