ID |
CVE-2007-4393
|
Summary |
The installation script for orarun on SUSE Linux before 20070810 places the oracle user into the disk group, which allows the local oracle user to read or write raw disk partitions. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.6 (as of 15-11-2008 - 06:56) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
osvdb | 46403 | secunia | 26395 | suse | SUSE-SR:2007:016 |
|
Last major update |
15-11-2008 - 06:56 |
Published |
17-08-2007 - 22:17 |
Last modified |
15-11-2008 - 06:56 |