PT-2007-7155 · Red Hat+1 · Fedora+2

Published

2007-12-18

Updated

2022-02-25

CVE-2007-6283

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux versions 5 Fedora (affected versions not specified)

Description The issue allows local users to perform unauthorized named commands due to the Bind /etc/rndc.key file having world-readable permissions. This can lead to a denial of service by stopping named.

Recommendations For Red Hat Enterprise Linux version 5, change the permissions of the /etc/rndc.key file to prevent world-readable access. For Fedora, change the permissions of the /etc/rndc.key file to prevent world-readable access.

Fix

DoS

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2007-6283

RHSA-2008:0300

RHSA-2008_0300

Affected Products

Bind

Fedora

Red Hat

PT-2007-7155 · Red Hat+1 · Fedora+2

CVE-2007-6283

Weakness Enumeration

Related Identifiers

Affected Products

References · 11