ID

VAR-200710-0324


CVE

CVE-2007-4574


TITLE

Red Hat Linux Kernel Stack Unwinder Local Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 26158 // CNNVD: CNNVD-200710-431

DESCRIPTION

Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors. A local attacker can exploit this issue to crash the affected kernel, denying service to legitimate users. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA27322 VERIFY ADVISORY: http://secunia.com/advisories/27322/ CRITICAL: Moderately critical IMPACT: Security Bypass, DoS WHERE: >From remote OPERATING SYSTEM: Red Hat Enterprise Linux (v. For more information: SA25594 SA25895 SA26322 SA26935 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2007-0940.html OTHER REFERENCES: SA25594: http://secunia.com/advisories/25594/ SA25895: http://secunia.com/advisories/25895/ SA26322: http://secunia.com/advisories/26322/ SA26935: http://secunia.com/advisories/26935/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-4574 // JVNDB: JVNDB-2007-000903 // BID: 26158 // VULHUB: VHN-27936 // PACKETSTORM: 60246

AFFECTED PRODUCTS

vendor:redhatmodel:enterprise linuxscope:eqversion:5.0

Trust: 1.6

vendor:cybertrustmodel:asianux serverscope:eqversion:3 (x86)

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3 (x86-64)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:5 (server)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:5.0 (client)

Trust: 0.8

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

sources: BID: 26158 // JVNDB: JVNDB-2007-000903 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-4574
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-4574
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200710-431
value: MEDIUM

Trust: 0.6

VULHUB: VHN-27936
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-4574
severity: MEDIUM
baseScore: 4.7
vectorString: AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-27936
severity: MEDIUM
baseScore: 4.7
vectorString: AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-27936 // JVNDB: JVNDB-2007-000903 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2007-4574

THREAT TYPE

local

Trust: 1.0

sources: BID: 26158 // PACKETSTORM: 60246 // CNNVD: CNNVD-200710-431

TYPE

Design Error

Trust: 0.9

sources: BID: 26158 // CNNVD: CNNVD-200710-431

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000903

PATCH

title:kernel-2.6.18-8.12AXurl:https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=58

Trust: 0.8

title:RHSA-2007:0940url:https://rhn.redhat.com/errata/RHSA-2007-0940.html

Trust: 0.8

title:RHSA-2007:0940url:http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0940J.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-000903

EXTERNAL IDS

db:BIDid:26158

Trust: 2.8

db:NVDid:CVE-2007-4574

Trust: 2.8

db:SECUNIAid:27322

Trust: 2.6

db:SECTRACKid:1018844

Trust: 2.5

db:OSVDBid:45489

Trust: 1.7

db:JVNDBid:JVNDB-2007-000903

Trust: 0.8

db:REDHATid:RHSA-2007:0940

Trust: 0.6

db:CNNVDid:CNNVD-200710-431

Trust: 0.6

db:VULHUBid:VHN-27936

Trust: 0.1

db:PACKETSTORMid:60246

Trust: 0.1

sources: VULHUB: VHN-27936 // BID: 26158 // JVNDB: JVNDB-2007-000903 // PACKETSTORM: 60246 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

REFERENCES

url:http://securitytracker.com/id?1018844

Trust: 2.5

url:http://www.securityfocus.com/bid/26158

Trust: 2.5

url:http://secunia.com/advisories/27322

Trust: 1.7

url:http://osvdb.org/45489

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2007-0940.html

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10681

Trust: 1.1

url:http://secunia.com/advisories/27322/

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4574

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4574

Trust: 0.8

url:https://rhn.redhat.com/errata/rhsa-2007-0940.html

Trust: 0.4

url:https://bugzilla.redhat.com/show_bug.cgi?id=298141

Trust: 0.3

url:http://secunia.com/advisories/26322/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/13652/

Trust: 0.1

url:http://secunia.com/advisories/26935/

Trust: 0.1

url:http://secunia.com/advisories/25895/

Trust: 0.1

url:http://secunia.com/network_software_inspector/

Trust: 0.1

url:http://rhn.redhat.com

Trust: 0.1

url:http://secunia.com/advisories/25594/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/13653/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-27936 // BID: 26158 // JVNDB: JVNDB-2007-000903 // PACKETSTORM: 60246 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

CREDITS

Red Hat

Trust: 0.6

sources: CNNVD: CNNVD-200710-431

SOURCES

db:VULHUBid:VHN-27936
db:BIDid:26158
db:JVNDBid:JVNDB-2007-000903
db:PACKETSTORMid:60246
db:CNNVDid:CNNVD-200710-431
db:NVDid:CVE-2007-4574

LAST UPDATE DATE

2024-08-14T13:15:32.521000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-27936date:2017-09-29T00:00:00
db:BIDid:26158date:2007-10-24T19:36:00
db:JVNDBid:JVNDB-2007-000903date:2007-12-19T00:00:00
db:CNNVDid:CNNVD-200710-431date:2007-10-23T00:00:00
db:NVDid:CVE-2007-4574date:2017-09-29T01:29:18.860

SOURCES RELEASE DATE

db:VULHUBid:VHN-27936date:2007-10-23T00:00:00
db:BIDid:26158date:2007-10-22T00:00:00
db:JVNDBid:JVNDB-2007-000903date:2007-11-06T00:00:00
db:PACKETSTORMid:60246date:2007-10-22T18:39:08
db:CNNVDid:CNNVD-200710-431date:2007-10-23T00:00:00
db:NVDid:CVE-2007-4574date:2007-10-23T10:46:00