CVE-2007-0004 — Red Hat Enterprise Linux vulnerability
Severity
1.9 LOW (NVD)
EPSS
0.0%
top 85.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Sep 18
Latest update: May 1
Description
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the server, which allows local client processes to obtain a false success status from open calls that the server would deny, and possibly obtain sensitive information about file permissions on the server, as demonstrated in a root_squash environment. N…
CVSS vector
AV:L/AC:M/C:P/I:N/A:N
Exploitability: 3.4 | Impact: 2.9
Affected Packages: 0 packages
Also affects: Enterprise Linux 3.0
Vulnerability Details
GHSA (1)
GHSA-2p32-7jx3-9vw2: The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissio… (2022-05-01)
Community
Bugzilla (1)