CVE-2007-6283

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 18-12-2007 02:46

Last modified: - 25-02-2022 08:06

Total changes: - 3

Description

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.

Common Vulnerability Scoring System (CVSS)

AV:L/AC:L/Au:N/C:N/I:N/A:C

Low

Attack complexity

Local

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

4.9

Base score

3.9

6.9

Exploitability score

Impact score

Verification logic

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5.0

vendor=fedoraproject AND product=fedora_core

vendor=oracle AND product=linux AND version=5.0

vendor=centos AND product=centos AND version=5

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_desktop AND version=5.0

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_for_ibm_z_systems AND version=5.0_s390x

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_for_power_big_endian AND version=5.0

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_server AND version=5.0

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_workstation AND version=5.0

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-6283
FEDORA-2007-4655-Vendor Advisory
FEDORA-2007-4658-Vendor Advisory
28180-Third Party Advisory
RHSA-2008:0300-Vendor Advisory
30313-Third Party Advisory
oval:org.mitre.oval:def:9977-Third Party Advisory

Keywords

CVE-2007-6283

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2007-6283

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures