Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2007-3919
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-28 Oct, 2007 | 17:08
Updated At-29 Sep, 2017 | 01:29

(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.0MEDIUM
AV:L/AC:M/Au:S/C:N/I:C/A:C
Type: Primary
Version: 2.0
Base score: 6.0
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:S/C:N/I:C/A:C
CPE Matches
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*
xensource_inc
xensource_inc
>>xen>>3.0.3_0_1
cpe:2.3:a:xensource_inc:xen:3.0.3_0_1:*:*:*:*:*:*:*
xensource_inc
xensource_inc
>>xen>>3.0.3_0_3
cpe:2.3:a:xensource_inc:xen:3.0.3_0_3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-59Primarynvd@nist.gov
CWE ID: CWE-59
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-11-01T00:00:00

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3919 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.

References
HyperlinkSourceResource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447795cve@mitre.org
N/A
http://osvdb.org/41342cve@mitre.org
N/A
http://osvdb.org/41343cve@mitre.org
N/A
http://secunia.com/advisories/27389cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/27408cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/27486cve@mitre.org
N/A
http://secunia.com/advisories/27497cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/29963cve@mitre.org
N/A
http://www.debian.org/security/2007/dsa-1395cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:203cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0194.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/26190cve@mitre.org
N/A
http://www.securitytracker.com/id?1018859cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/3621cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/37403cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9913cve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.htmlcve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00075.htmlcve@mitre.org
N/A
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447795
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://osvdb.org/41342
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://osvdb.org/41343
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27389
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27408
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27486
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27497
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/29963
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2007/dsa-1395
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:203
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0194.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/26190
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018859
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3621
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/37403
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9913
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00075.html
Source: cve@mitre.org
Resource: N/A
Change History
0Changes found
Details not found