CVE-2007-0257
Published Jan 16, 2007
Last updated 3 months ago
Overview
- Description
- Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code
- Source
- cve@mitre.org
- NVD status
- Modified
- CNA Tags
- disputed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:1.9.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E8B4803-8997-458A-A62C-F8E1BDC0A57E"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09DF5719-7980-42F1-A55F-BA42B5AB51E8"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E661647F-ED24-40C9-B85D-9C60F45EA00F"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4D9BF20-272D-428A-88DD-0CA90B14C631"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95BF408B-DE5C-4AD4-986B-FF9C38E1B515"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23E79624-4CBD-4744-BD1E-518B9EBFF7C1"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61DC3A73-B269-4418-A8EC-877BDDDB57BF"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F45B7B0-DAEE-4101-97AB-C41F6E206916"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAC33E4A-76D3-4C16-B261-CDB0CF78F048"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB4F7AFD-AD7A-45ED-9660-7BC6DFCD36E9"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B598D0A0-21A2-4731-B816-A96B4D8A389A"
},
{
"criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30A7EF3A-9C9D-49EC-B214-80D43558CFDD"
}
],
"operator": "OR"
}
]
}
]