xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Xfsdump
  • Xfsdump
Suse
  • Opensuse
  • Suse Linux School Server
  • Suse Open Enterprise Server
  • Suse Linux
  • Suse Linux Standard Server
  • Suse United Linux
  • Suse Linux Openexchange Server

Configuration 1 [-]

OR cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.0:*:retail_solution:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10:*:enterprise_desktop:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.1:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.1:*:professional:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.2:*:professional:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.2:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_united_linux:1.0:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:suse:suse_linux_openexchange_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:suse_linux_school_server:gold:*:i386:*:*:*:*:*
cpe:2.3:a:suse:suse_linux_standard_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:suse_open_enterprise_server:9:*:*:*:*:*:*:*
cpe:2.3:a:xfsdump:xfsdump:2.2.38:*:*:*:*:*:*:*
cpe:2.3:o:suse:opensuse:10.2:*:*:*:*:*:*:*
References
Link Resource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894 Exploit
http://osvdb.org/36716
http://secunia.com/advisories/25220 Vendor Advisory
http://secunia.com/advisories/25425 Vendor Advisory
http://secunia.com/advisories/25761 Vendor Advisory
http://secunia.com/advisories/26867 Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:134
http://www.novell.com/linux/security/advisories/2007_10_sr.html Vendor Advisory
http://www.securityfocus.com/bid/23922
http://www.ubuntu.com/usn/usn-516-1
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-14T21:00:00

Updated: 2007-06-01T09:00:00

Reserved: 2007-05-14T00:00:00

Link: CVE-2007-2654

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2007-05-14T21:19:00.000

Modified: 2008-11-13T05:00:00.000

Link: CVE-2007-2654

JSON object: View

cve-icon Redhat Information

No data.

CWE