Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6334

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6334
Last Modified 07 Mar 2011 10:02:29
Published 20 Dec 2007 06:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6334

Summary

Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.

Vulnerable Systems

Application

  • Ingres 2.5

  • Ingres 2.6


References

BID - 26959

SECUNIA - 28187

SECUNIA - 28183

VUPEN - ADV-2007-4304

VUPEN - ADV-2007-4303

CONFIRM - http://www.ingres.com/support/security-alertDec17.php

CONFIRM - http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp

SECTRACK - 1019134

BUGTRAQ - 20071221 [CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability

OSVDB - 39358


Last Updated: 27 May 2016 10:46:28