NVD

Id
55256  
Name
CVE-2007-3102  
Description
Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2007-10-18  
Modified Date
2014-08-08  
Seq
2007-3102  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
280799 55256 CVE-2007-3102 oval:org.mitre.oval:def:11124  View
280800 55256 CVE-2007-3102 http://support.avaya.com/elmodocs2/security/ASA-2007-526.htm  View
280801 55256 CVE-2007-3102 http://support.avaya.com/elmodocs2/security/ASA-2007-527.htm  View
280802 55256 CVE-2007-3102 RHSA-2007:0540  View
280803 55256 CVE-2007-3102 RHSA-2007:0555  View
280804 55256 CVE-2007-3102 RHSA-2007:0703  View
280805 55256 CVE-2007-3102 RHSA-2007:0737  View
280806 55256 CVE-2007-3102 26097  View
280807 55256 CVE-2007-3102 https://bugzilla.redhat.com/show_bug.cgi?id=248059  View
280808 55256 CVE-2007-3102 FEDORA-2007-715  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52136 JVNDB-2007-000799 OpenSSH の linux_audit_record_event() 関数における監査ログに不正な文字を埋め込まれる問題 OpenSSH には linux_audit_record_event() 関数に不備があり、細工された username によって、監査ログに任意の文字列を書き込まれる問題が存在します。 CVE-2007-3102 26457 CVE-2007-3102 55256 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000799.html 2007-10-18 2007-12-17 View