CVE-2007-1057
Published 2007-02-21
Priority: P4 27 | medium | 6.9 (CVSS 2.0)
CVSS 2.0 vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 1.11% (61.7th percentile)
The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client.
Affected (1 range)

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nortel | net_direct_client | <= 6.0.4 | — |
CAPEC-26: Leveraging Race Conditions [HIGH] (mitre_capec)
The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.
Execution Flow:
Step 1 [Explore]: The adversary explores to gauge what level of access they have.
Step 2 [Experiment]: The adversary gains access to a resource on the target host. The adversary modifies the
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions [HIGH] (mitre_capec)
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.
Execution Flow:
Step 1 [Explore]: The adversary explores to gauge what level of access they have.
Step 2 [Experiment]: The adversary confirms access to a resource on the target host. The adversary confir
References
http://osvdb.org/33304
http://secunia.com/advisories/24231
http://spoofed.org/blog/archive/2007/02/nortel_vpn_unix_client_local_root_compromise.html
http://www.securityfocus.com/bid/22632
http://www.securitytracker.com/id?1017678
http://www.vupen.com/english/advisories/2007/0671
http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021886-01.pdf
http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540071
https://exchange.xforce.ibmcloud.com/vulnerabilities/32597
https://www.exploit-db.com/exploits/3356