Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-5714HistoryOct 03, 2022 - 4:14 p.m.
CVE-2007-5714
2022-10-0316:14:31
Debian Security Bug Tracker
security-tracker.debian.org
10
cve-2007-5714
gentoo
mldonkey
p2p
remote attackers
login access
arbitrary code
unix
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.015
Percentile
87.3%
The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote attackers to obtain login access and execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | mldonkey | < 3.1.6-1 | mldonkey_3.1.6-1_all.deb |
Related
prion
prion
Default credentials
2007-10-30 19:46:00
cve
cve
CVE-2007-5714
2007-10-30 19:46:00
gentoo
gentoo
MLDonkey: Privilege escalation
2007-10-24 00:00:00
nvd
nvd
CVE-2007-5714
2007-10-30 19:46:00
openvas
openvas
Gentoo Security Advisory GLSA 200710-25 (mldonkey)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200710-25 (mldonkey)
2008-09-24 00:00:00
nessus
nessus
GLSA-200710-25 : MLDonkey: Privilege escalation
2007-10-25 00:00:00
cvelist
cvelist
CVE-2007-5714
2007-10-30 19:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.015
Percentile
87.3%
Related for DEBIANCVE:CVE-2007-5714