CVE-2007-3849 — Redhat Enterprise Linux vulnerability

CWE-2644 documents4 sources

Severity

1.9LOWNVD

EPSS

0.1%

top 73.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise Linux

Timeline

PublishedSep 5

Latest updateMay 1

Description

Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.

CVSS vector

AV:L/AC:M/C:N/I:P/A:NExploitability: 3.4 | Impact: 2.9

Affected Packages0 packages

Also affects: Enterprise Linux 5.0

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-gg32-f5c6-mgh7: Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0↗2022-05-01

▶

📋Vendor Advisories

Red Hat

Rebase aide to 0.13.1↗2007-09-04

▶

💬Community

Bugzilla

CVE-2007-3849 Rebase aide to 0.13.1↗2007-04-18

▶