Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
References
Link | Resource |
---|---|
http://secunia.com/advisories/28180 | Third Party Advisory |
http://secunia.com/advisories/30313 | Third Party Advisory |
http://www.redhat.com/support/errata/RHSA-2008-0300.html | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-6283 | Issue Tracking Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9977 | Third Party Advisory |
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00587.html | Vendor Advisory |
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00671.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
25 Feb 2022, 19:06
Type | Values Removed | Values Added |
---|---|---|
References | (SECUNIA) http://secunia.com/advisories/28180 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/30313 - Third Party Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9977 - Third Party Advisory | |
References | (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-6283 - Issue Tracking, Vendor Advisory | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00587.html - Vendor Advisory | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00671.html - Vendor Advisory | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0300.html - Vendor Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0_s390x:*:*:*:*:*:*:* cpe:2.3:o:centos:centos:5:*:*:*:*:*:*:* cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* |
|
First Time |
Redhat enterprise Linux For Power Big Endian
Centos Redhat enterprise Linux Desktop Centos centos Redhat enterprise Linux Server Oracle Redhat enterprise Linux Workstation Redhat enterprise Linux For Ibm Z Systems Oracle linux |
03 Feb 2022, 17:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora_core:*:*:*:*:*:*:*:* | |
First Time |
Fedoraproject fedora Core
Fedoraproject |
Information
Published : 2007-12-18 01:46
Updated : 2023-12-10 10:40
NVD link : CVE-2007-6283
Mitre link : CVE-2007-6283
CVE.ORG link : CVE-2007-6283
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux
- enterprise_linux_for_power_big_endian
- enterprise_linux_for_ibm_z_systems
centos
- centos
fedoraproject
- fedora_core
oracle
- linux
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor