Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5686

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2007-5686
Last Modified 07 Mar 2011 10:01:08
Published 28 Oct 2007 01:08:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-5686

Summary

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.

Vulnerable Systems

Operating System

  • Rpath Linux 1


References

SECUNIA - 27215

CONFIRM - https://issues.rpath.com/browse/RPL-1825

VUPEN - ADV-2007-3474

BID - 26048

BUGTRAQ - 20071026 FLEA-2007-0060-1 initscripts

BUGTRAQ - 20071011 rPSA-2007-0214-1 initscripts


Last Updated: 27 May 2016 10:46:14