CVE-2007-5829 - OpenCVE

The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity High

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:H/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Symantec	Norton Internet Security Norton Antivirus

Configuration 1 [-]

OR	cpe:2.3:a:symantec:norton_antivirus:9.0::macintosh:::::
	cpe:2.3:a:symantec:norton_antivirus:9.0.1::macintosh:::::
	cpe:2.3:a:symantec:norton_antivirus:9.0.2::macintosh:::::
	cpe:2.3:a:symantec:norton_antivirus:9.0.3::macintosh:::::
	cpe:2.3:a:symantec:norton_antivirus:10.0::macintosh:::::
	cpe:2.3:a:symantec:norton_antivirus:10.1::macintosh:::::
	cpe:2.3:a:symantec:norton_internet_security:3.0::macintosh:::::

References

Link	Resource
http://osvdb.org/40864
http://secunia.com/advisories/27488	Vendor Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html
http://securitytracker.com/id?1018889
http://securitytracker.com/id?1018890
http://www.securityfocus.com/bid/26253
http://www.vupen.com/english/advisories/2007/3698	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/38229

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-05T19:00:00

Updated: 2017-07-28T12:57:01

Reserved: 2007-11-05T00:00:00

Link: CVE-2007-5829

JSON object: View

NVD Information

Status : Modified

Published: 2007-11-05T19:46:00.000

Modified: 2017-07-29T01:33:53.913

Link: CVE-2007-5829

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-01T00:00:00", "descriptions": [{"lang": "en", "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"}, {"name": "1018890", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018890"}, {"name": "symantec-av-mac-privilege-escalation(38229)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"}, {"name": "27488", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27488"}, {"name": "26253", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26253"}, {"name": "1018889", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018889"}, {"name": "ADV-2007-3698", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3698"}, {"name": "40864", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/40864"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5829", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html", "refsource": "CONFIRM", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"}, {"name": "1018890", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018890"}, {"name": "symantec-av-mac-privilege-escalation(38229)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"}, {"name": "27488", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27488"}, {"name": "26253", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26253"}, {"name": "1018889", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018889"}, {"name": "ADV-2007-3698", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3698"}, {"name": "40864", "refsource": "OSVDB", "url": "http://osvdb.org/40864"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5829", "datePublished": "2007-11-05T19:00:00", "dateReserved": "2007-11-05T00:00:00", "dateUpdated": "2017-07-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*", "matchCriteriaId": "497635AC-D7F2-4A5C-8C37-DA493C9681A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*", "matchCriteriaId": "242D33E8-1B6B-4562-9F2A-1B34E3B7BC71", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*", "matchCriteriaId": "252ACD1B-323F-4139-880D-89D600F29986", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*", "matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*", "matchCriteriaId": "7225A578-8F62-42BD-99AC-D3385478613A", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:macintosh:*:*:*:*:*", "matchCriteriaId": "2A061F24-0256-47F4-A1DD-702A0031EAAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*", "matchCriteriaId": "D2259605-B720-42B0-8476-6CAE07C7B143", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."}, {"lang": "es", "value": "El esc\u00e1ner Disk Mount en Symantec AntiVirus para Macintosh versiones 9.x y 10.x, Norton AntiVirus para Macintosh versiones 10.0 y 10.1 y Norton Internet Security para Macintosh versiones 3.x , usa un directorio con permisos d\u00e9biles (grupo grabable), que permite a usuarios administradores locales alcanzar privilegios de root mediante la sustituci\u00f3n de archivos no especificados, que se ejecutan cuando un usuario con acceso f\u00edsico inserta un disco y la opci\u00f3n \"Show Progress During Mount Scans\" est\u00e1 habilitada."}], "id": "CVE-2007-5829", "lastModified": "2017-07-29T01:33:53.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 1.5, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-11-05T19:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/40864"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27488"}, {"source": "cve@mitre.org", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018889"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018890"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26253"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3698"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}