Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-6206
HistoryDec 04, 2007 - 12:46 a.m.

CVE-2007-6206

2007-12-0400:46:00
CWE-200
[email protected]
web.nvd.nist.gov
66
cve-2007-6206
linux kernel
uid
core dump
security vulnerability
information disclosure.

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.2%

JSON

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.

Affected configurations

NVD
Node
linuxlinux_kernelRange2.4.02.4.35.2
OR
linuxlinux_kernelRange2.6.02.6.24
OR
linuxlinux_kernelMatch2.6.24-
OR
linuxlinux_kernelMatch2.6.24rc1
OR
linuxlinux_kernelMatch2.6.24rc2
OR
linuxlinux_kernelMatch2.6.24rc3
Node
opensuseopensuseMatch10.2
OR
opensuseopensuseMatch10.3
OR
suselinux_enterprise_desktopMatch10sp1
OR
suselinux_enterprise_real_time_extensionMatch10sp1
OR
suselinux_enterprise_serverMatch10sp1
OR
suselinux_enterprise_software_development_kitMatch10sp1
Node
redhatenterprise_linux_desktopMatch4.0
OR
redhatenterprise_linux_eusMatch4.6
OR
redhatenterprise_linux_serverMatch4.0
OR
redhatenterprise_linux_workstationMatch4.0
Node
debiandebian_linuxMatch3.1
OR
debiandebian_linuxMatch4.0
Node
canonicalubuntu_linuxMatch6.06
OR
canonicalubuntu_linuxMatch6.10
OR
canonicalubuntu_linuxMatch7.04
OR
canonicalubuntu_linuxMatch7.10

References

Related

cvelist 1
ubuntucve 1
seebug 2
veracode 1
prion 1
nvd 1
nessus 26
suse 4
openvas 44
securityvulns 2
debian 4
osv 4
oraclelinux 4
redhat 5
centos 4
vmware 2
ubuntu 2
cvelist
cvelist
CVE-2007-6206
2007-12-04 00:00:00
ubuntucve
ubuntucve
CVE-2007-6206
2007-12-04 00:00:00
seebug
seebug
Linux Kernel DO_COREDUMP函数本地信息泄露漏洞
2007-12-09 00:00:00
Linux Kernel DO_COREDUMP本地信息泄露漏洞
2007-12-10 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:24:24
prion
prion
Information disclosure
2007-12-04 00:46:00
nvd
nvd
CVE-2007-6206
2007-12-04 00:46:00
nessus
nessus
openSUSE 10 Security Update : kernel (kernel-4986)
2008-02-14 00:00:00
Debian DSA-1436-1 : linux-2.6 - several vulnerabilities
2007-12-24 00:00:00
CentOS 5 : kernel (CESA-2008:0089)
2010-01-06 00:00:00
suse
suse
local privilege escalation in kernel
2008-02-12 13:43:48
remote denial of service in kernel
2008-07-07 14:54:24
remote denial of service in kernel
2010-09-01 13:59:34
openvas
openvas
SuSE Update for kernel SUSE-SA:2008:007
2009-01-23 00:00:00
Debian: Security Advisory (DSA-1436-1)
2008-01-17 00:00:00
RedHat Update for kernel RHSA-2008:0089-01
2009-03-06 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-21 00:00:00
Linux multiple security vulnerabilities
2007-12-21 00:00:00
debian
debian
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-20 22:28:26
[SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues
2008-02-22 21:27:33
[SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues
2008-02-22 20:55:49
osv
osv
linux-2.6 fai-kernels user-mode-linux - several vulnerabilities
2007-12-20 00:00:00
kernel-source-2.4.27 - several vulnerabilities
2008-02-22 00:00:00
kernelimage-2.4.27 - several issues
2008-02-22 00:00:00
oraclelinux
oraclelinux
Important: kernel security and bug fix update
2008-01-24 00:00:00
Important: kernel security and bug fix update
2008-02-01 00:00:00
kernel security and bug fix update
2008-05-07 00:00:00
redhat
redhat
(RHSA-2008:0089) Important: kernel security and bug fix update
2008-01-23 00:00:00
(RHSA-2008:0055) Important: kernel security and bug fix update
2008-01-31 00:00:00
(RHSA-2008:0211) Important: kernel security and bug fix update
2008-05-07 00:00:00
centos
centos
kernel security update
2008-01-24 00:20:48
kernel security update
2008-02-04 17:59:19
kernel security update
2008-05-07 14:58:01
vmware
vmware
Updated ESX service console packages for Samba and vmnix
2008-07-28 00:00:00
Updated ESX service console packages for Samba and vmnix
2008-07-28 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2008-02-14 00:00:00
Linux kernel vulnerabilities
2008-02-04 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.2%

JSON
Related for CVE-2007-6206
cvelist1ubuntucve1seebug2veracode1prion1nvd1nessus26suse4openvas44securityvulns2debian4osv4oraclelinux4redhat5centos4vmware2ubuntu2