(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 00:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447795 - | |
References | () http://osvdb.org/41342 - | |
References | () http://osvdb.org/41343 - | |
References | () http://secunia.com/advisories/27389 - Vendor Advisory | |
References | () http://secunia.com/advisories/27408 - Vendor Advisory | |
References | () http://secunia.com/advisories/27486 - | |
References | () http://secunia.com/advisories/27497 - Vendor Advisory | |
References | () http://secunia.com/advisories/29963 - | |
References | () http://www.debian.org/security/2007/dsa-1395 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 - | |
References | () http://www.redhat.com/support/errata/RHSA-2008-0194.html - | |
References | () http://www.securityfocus.com/bid/26190 - | |
References | () http://www.securitytracker.com/id?1018859 - | |
References | () http://www.vupen.com/english/advisories/2007/3621 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/37403 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9913 - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00075.html - |
Information
Published : 2007-10-28 17:08
Updated : 2024-11-21 00:34
NVD link : CVE-2007-3919
Mitre link : CVE-2007-3919
CVE.ORG link : CVE-2007-3919
JSON object : View
Products Affected
debian
- debian_linux
xensource_inc
- xen
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')