xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
References
Link | Resource |
---|---|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894 | Exploit |
http://osvdb.org/36716 | |
http://secunia.com/advisories/25220 | Vendor Advisory |
http://secunia.com/advisories/25425 | Vendor Advisory |
http://secunia.com/advisories/25761 | Vendor Advisory |
http://secunia.com/advisories/26867 | Vendor Advisory |
http://www.mandriva.com/security/advisories?name=MDKSA-2007:134 | |
http://www.novell.com/linux/security/advisories/2007_10_sr.html | Vendor Advisory |
http://www.securityfocus.com/bid/23922 | |
http://www.ubuntu.com/usn/usn-516-1 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-05-14T21:00:00
Updated: 2007-06-01T09:00:00
Reserved: 2007-05-14T00:00:00
Link: CVE-2007-2654
JSON object: View
NVD Information
Status : Analyzed
Published: 2007-05-14T21:19:00.000
Modified: 2008-11-13T05:00:00.000
Link: CVE-2007-2654
JSON object: View
Redhat Information
No data.
CWE