PT-2007-1152 · Sysstat+2 · Sysstat+2

Julien L

Publicado

2007-08-14

Atualizado

2024-06-15

CVE-2007-3852

CVSS v2.0

4.4

Média

Vetor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: sysstat versions 5.1.2 through 7.1.6

Description: The issue is related to the creation of an insecure script by the init script sysstat.in in sysstat, allowing local users to execute arbitrary code. This can potentially lead to unauthorized access to confidential data, disruption of data integrity, and denial of service.

Recommendations: For sysstat versions 5.1.2 through 7.1.6, consider restricting access to the sysstat.in script until a secure version is available. As a temporary workaround, avoid using the sysstat.in script to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

ALT-PU-2018-2754

ALT-PU-2018-2755

ALT-PU-2018-2814

BDU:2020-02848

CVE-2007-3852

OPENSUSE-SU-2024:11419-1

RHSA-2011:1005

RHSA-2011_1005

Produtos afetados

Alt Linux

Red Hat

Sysstat

PT-2007-1152 · Sysstat+2 · Sysstat+2

CVE-2007-3852

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 45