NVD

Id
7003  
Name
CVE-2008-7276  
Description
Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) before 2.3.2 creates a directory under /tmp/ with 1274 permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations, related to incorrect interpretation of 0700 as a decimal value.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2011-03-18  
Modified Date
2011-03-22  
Seq
2008-7276  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
39512 7003 CVE-2008-7276 http://bugs.otrs.org/show_bug.cgi?id=3133  View
39513 7003 CVE-2008-7276 http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33533 JVNDB-2011-003775 OTRS の Kernel/System/Web/Request.pm におけるアクセス制限を回避される脆弱性 Open Ticket Request System (OTRS) の Kernel/System/Web/Request.pm は、1274 パーミッションで /tmp/ 下にディレクトリを作成するため、アクセス制限を回避される脆弱性が存在します。 CVE-2008-7276 37389 CVE-2008-7276 7003 4.6 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003775.html 2011-03-18 2012-03-27 View