Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-1716
HistoryMar 27, 2007 - 10:19 p.m.

CVE-2007-1716

2007-03-2722:19:00
[email protected]
web.nvd.nist.gov
27
cve-2007-1716
pam_console
ownership restoration
local users
privilege escalation
nvd

3.4 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:M/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.2%

JSON

pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.

Affected configurations

NVD
Node
redhatenterprise_linuxMatch4.4

Related

nvd 1
cvelist 1
securityvulns 2
prion 1
veracode 1
oraclelinux 3
centos 2
nessus 12
redhat 3
openvas 3
gentoo 1
vmware 1
nvd
nvd
CVE-2007-1716
2007-03-27 22:19:00
cvelist
cvelist
CVE-2007-1716
2007-03-27 22:00:00
securityvulns
securityvulns
Linux pam_console privilege escalation
2007-03-29 00:00:00
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
2007-09-21 00:00:00
prion
prion
Code injection
2007-03-27 22:19:00
veracode
veracode
Privilege Escalation
2020-04-10 00:16:10
oraclelinux
oraclelinux
pam security, bug fix, and enhancement update
2007-11-19 00:00:00
pam security, bug fix, and enhancement update
2007-11-27 00:00:00
Moderate: pam security and bug fix update
2007-06-20 00:00:00
centos
centos
cdda2wav, cdrecord, mkisofs, pam security update
2007-06-11 20:19:31
pam security update
2007-11-15 17:15:52
nessus
nessus
Oracle Linux 3 : pam (ELSA-2007-0465)
2013-07-12 00:00:00
CentOS 3 : pam (CESA-2007:0465)
2007-06-14 00:00:00
RHEL 3 : pam (RHSA-2007:0465)
2007-06-12 00:00:00
redhat
redhat
(RHSA-2007:0737) Moderate: pam security, bug fix, and enhancement update
2007-11-15 00:00:00
(RHSA-2007:0555) Moderate: pam security, bug fix, and enhancement update
2007-11-07 00:00:00
(RHSA-2007:0465) Moderate: pam security and bug fix update
2007-06-11 13:45:45
openvas
openvas
Oracle: Security Advisory (ELSA-2007-0555)
2015-10-08 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
gentoo
gentoo
VMware Workstation and Player: Multiple vulnerabilities
2007-11-18 00:00:00
vmware
vmware
Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
2007-09-18 00:00:00

3.4 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:M/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.2%

JSON
Related for CVE-2007-1716
nvd1cvelist1securityvulns2prion1veracode1oraclelinux3centos2nessus12redhat3openvas3gentoo1vmware1