Details of VAR-200710-0324

ID

VAR-200710-0324

CVE

CVE-2007-4574

TITLE

Red Hat Linux Kernel Stack Unwinder Local Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 26158 // CNNVD: CNNVD-200710-431

DESCRIPTION

Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors. A local attacker can exploit this issue to crash the affected kernel, denying service to legitimate users. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA27322 VERIFY ADVISORY: http://secunia.com/advisories/27322/ CRITICAL: Moderately critical IMPACT: Security Bypass, DoS WHERE: >From remote OPERATING SYSTEM: Red Hat Enterprise Linux (v. For more information: SA25594 SA25895 SA26322 SA26935 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2007-0940.html OTHER REFERENCES: SA25594: http://secunia.com/advisories/25594/ SA25895: http://secunia.com/advisories/25895/ SA26322: http://secunia.com/advisories/26322/ SA26935: http://secunia.com/advisories/26935/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-4574 // JVNDB: JVNDB-2007-000903 // BID: 26158 // VULHUB: VHN-27936 // PACKETSTORM: 60246

AFFECTED PRODUCTS

vendor:	redhat	model:	enterprise linux	scope:	eq	version:	5.0	Trust: 1.6
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86-64)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	5.0 (client)	Trust: 0.8
vendor:	redhat	model:	enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5	Trust: 0.3

sources: BID: 26158 // JVNDB: JVNDB-2007-000903 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-4574
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-4574
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200710-431
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-27936
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-4574
severity:	MEDIUM
baseScore:	4.7
vectorString:	AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-27936
severity:	MEDIUM
baseScore:	4.7
vectorString:	AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-27936 // JVNDB: JVNDB-2007-000903 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2007-4574

THREAT TYPE

local

Trust: 1.0

sources: BID: 26158 // PACKETSTORM: 60246 // CNNVD: CNNVD-200710-431

TYPE

Design Error

Trust: 0.9

sources: BID: 26158 // CNNVD: CNNVD-200710-431

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000903

PATCH

title:	kernel-2.6.18-8.12AX	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=58	Trust: 0.8
title:	RHSA-2007:0940	url:	https://rhn.redhat.com/errata/RHSA-2007-0940.html	Trust: 0.8
title:	RHSA-2007:0940	url:	http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0940J.html	Trust: 0.8

sources: JVNDB: JVNDB-2007-000903

EXTERNAL IDS

db:	BID	id:	26158	Trust: 2.8
db:	NVD	id:	CVE-2007-4574	Trust: 2.8
db:	SECUNIA	id:	27322	Trust: 2.6
db:	SECTRACK	id:	1018844	Trust: 2.5
db:	OSVDB	id:	45489	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-000903	Trust: 0.8
db:	REDHAT	id:	RHSA-2007:0940	Trust: 0.6
db:	CNNVD	id:	CNNVD-200710-431	Trust: 0.6
db:	VULHUB	id:	VHN-27936	Trust: 0.1
db:	PACKETSTORM	id:	60246	Trust: 0.1

sources: VULHUB: VHN-27936 // BID: 26158 // JVNDB: JVNDB-2007-000903 // PACKETSTORM: 60246 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

REFERENCES

url:	http://securitytracker.com/id?1018844	Trust: 2.5
url:	http://www.securityfocus.com/bid/26158	Trust: 2.5
url:	http://secunia.com/advisories/27322	Trust: 1.7
url:	http://osvdb.org/45489	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2007-0940.html	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10681	Trust: 1.1
url:	http://secunia.com/advisories/27322/	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4574	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4574	Trust: 0.8
url:	https://rhn.redhat.com/errata/rhsa-2007-0940.html	Trust: 0.4
url:	https://bugzilla.redhat.com/show_bug.cgi?id=298141	Trust: 0.3
url:	http://secunia.com/advisories/26322/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/13652/	Trust: 0.1
url:	http://secunia.com/advisories/26935/	Trust: 0.1
url:	http://secunia.com/advisories/25895/	Trust: 0.1
url:	http://secunia.com/network_software_inspector/	Trust: 0.1
url:	http://rhn.redhat.com	Trust: 0.1
url:	http://secunia.com/advisories/25594/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/13653/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-27936 // BID: 26158 // JVNDB: JVNDB-2007-000903 // PACKETSTORM: 60246 // CNNVD: CNNVD-200710-431 // NVD: CVE-2007-4574

CREDITS

Red Hat

Trust: 0.6

sources: CNNVD: CNNVD-200710-431

SOURCES

db:	VULHUB	id:	VHN-27936
db:	BID	id:	26158
db:	JVNDB	id:	JVNDB-2007-000903
db:	PACKETSTORM	id:	60246
db:	CNNVD	id:	CNNVD-200710-431
db:	NVD	id:	CVE-2007-4574

LAST UPDATE DATE

2024-08-14T13:15:32.521000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-27936	date:	2017-09-29T00:00:00
db:	BID	id:	26158	date:	2007-10-24T19:36:00
db:	JVNDB	id:	JVNDB-2007-000903	date:	2007-12-19T00:00:00
db:	CNNVD	id:	CNNVD-200710-431	date:	2007-10-23T00:00:00
db:	NVD	id:	CVE-2007-4574	date:	2017-09-29T01:29:18.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-27936	date:	2007-10-23T00:00:00
db:	BID	id:	26158	date:	2007-10-22T00:00:00
db:	JVNDB	id:	JVNDB-2007-000903	date:	2007-11-06T00:00:00
db:	PACKETSTORM	id:	60246	date:	2007-10-22T18:39:08
db:	CNNVD	id:	CNNVD-200710-431	date:	2007-10-23T00:00:00
db:	NVD	id:	CVE-2007-4574	date:	2007-10-23T10:46:00