CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 1CVE-2007-6013 – WordPress Core 1.5 - 2.3.1 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2007-6013
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash. Wordpress versiones 1.5 hasta 2.3.1, usa valores de cookies basados ??en el hash MD5 de un hash MD5 de contraseñas, lo que permite a atacantes omitir la autenticación mediante la obtención del hash MD5 desde la base de datos del usuario, y luego generar la cookie de autenticación a partir de ese hash. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058576.html http://osvdb.org/40801 http://secunia.com/advisories/27714 http://secunia.com/advisories/28310 http://securityreason.com/securityalert/3375 http://trac.wordpress.org/ticket/5367 http://www.cl.cam.ac.uk/~sjm217/advisories/wordpress-cookie-auth.txt http://www.securityfocus.com/archive/1/483927/100/0/threaded http://www.securitytracker.com/id?1018980 http://www.vupen.com/english/advisories/2007/3941 • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.8EPSS: 11%CPEs: 2EXPL: 0CVE-2007-5593
https://notcve.org/view.php?id=CVE-2007-5593
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified. El install.php del Drupal 5.x anterior al 5.3, cuando el servidor de base de datos configurado no es alcanzable, permite a atacantes remotos ejecutar código de su elección a través de vectores que provocan que el settings.php sea modificado. • http://drupal.org/files/sa-2007-025/SA-2007-025-5.2.patch http://drupal.org/node/184316 http://osvdb.org/39648 http://secunia.com/advisories/27290 http://secunia.com/advisories/27352 http://www.securityfocus.com/bid/26119 https://exchange.xforce.ibmcloud.com/vulnerabilities/37265 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00328.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2007-5594
https://notcve.org/view.php?id=CVE-2007-5594
Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack. El Drupal 5.x anterior al 5.3 no aplican su protección Drupal Forms API contra la forma de borrado de usuario, lo que permite a atacantes remotos borrar usuarios a través de un ataque de falsificación de petición en sitios cruzados (CSRF). • http://drupal.org/node/184348 http://secunia.com/advisories/27290 http://secunia.com/advisories/27352 http://www.securityfocus.com/bid/26119 https://exchange.xforce.ibmcloud.com/vulnerabilities/37268 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00328.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2007-5191 – util-linux (u)mount doesn't drop privileges properly when calling helpers
https://notcve.org/view.php?id=CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs. El montaje y desmontaje en util-linux y loop-aes-utils, llaman a las funciones setuid y setgid en el orden incorrecto y no comprueban los valores de retorno, lo que podría permitir a atacantes alcanzar privilegios por medio de asistentes como mount.nfs. • http://bugs.gentoo.org/show_bug.cgi?id=195390 http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198 http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=ebbeb2c7ac1b00b6083905957837a271e80b187e http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://lists.vmware.com/pipermail/security-announce/2008/000002.html http://secunia.com/advisories/27104 http://secunia.com/advisories/27122 http://secunia.com/advisories/27145 http:/ • CWE-252: Unchecked Return Value •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5159
https://notcve.org/view.php?id=CVE-2007-5159
The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor leak. El paquete ntfs-3g anterior a 1.913-2.fc7 en Fedora 7, y en el paquete kntfs-3g package en Ubuntu 7.10/Gutsy, asigna de forma incorrecta los permisos (setuid root) en mount.ntfs-3g, el cual permite a usuarios locales siendo miembros de fuse leer y escribir dispositivos de bloque de su elección, posiblemente afectando a un descriptor de fichero débil. • http://secunia.com/advisories/26938 https://bugzilla.redhat.com/show_bug.cgi?id=298651 https://www.redhat.com/archives/fedora-desktop-list/2007-September/msg00163.html https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00368.html • CWE-264: Permissions, Privileges, and Access Controls •