Back to search
CVE-2007-2063
Published: Apr 18, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for (1) the server pid file, which allows local users to cause arbitrary processes to be stopped, or (2) when _BPX_BATCH_UMASK is missing from the environment, creates HFS files with insecure permissions, which allows local users to read or modify these files and have other unknown impact.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2007-1414
vdb-entry
x_refsource_VUPEN
http://www.ssh.com/documents/33/SSH_Tectia_Server_5.4.0_zOS_releasenotes.txt
x_refsource_CONFIRM
35014
vdb-entry
x_refsource_OSVDB
34998
vdb-entry
x_refsource_OSVDB
24916
third-party-advisory
x_refsource_SECUNIA
23508
vdb-entry
x_refsource_BID
ssh-tectia-pid-hfs-privilege-escalation(33699)
vdb-entry
x_refsource_XF
1017913
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now