ID CVE-2007-0470
Summary Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2007-09-27T08:57:43.199-04:00
class vulnerability
contributors
name Pai Peng
organization Opsware, Inc.
definition_extensions
  • comment Solaris 8 (SPARC) is installed
    oval oval:org.mitre.oval:def:1539
  • comment Solaris 9 (SPARC) is installed
    oval oval:org.mitre.oval:def:1457
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 8 (x86) is installed
    oval oval:org.mitre.oval:def:2059
  • comment Solaris 9 (x86) is installed
    oval oval:org.mitre.oval:def:1683
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.
family unix
id oval:org.mitre.oval:def:2038
status accepted
submitted 2007-08-10T12:25:20.000-04:00
title Security Vulnerabilities in the tip(1) Command May Allow Execution of Arbitrary Code With Elevated Privileges
version 35
refmap via4
bid 22190
osvdb 31616
sectrack 1017546
secunia 23821
sunalert 102773
vupen ADV-2007-0317
xf solaris-tip-privilege-escalation(31669)
Last major update 30-10-2018 - 16:25
Published 24-01-2007 - 01:28
Last modified 30-10-2018 - 16:25
Back to Top