CVE-2007-3337

Published: Jun 22, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

ADV-2007-2288

vdb-entry

x_refsource_VUPEN

http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778

x_refsource_CONFIRM

25756

third-party-advisory

x_refsource_SECUNIA

25775

third-party-advisory

x_refsource_SECUNIA

ADV-2007-2290

vdb-entry

x_refsource_VUPEN

http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp

x_refsource_CONFIRM

http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-file-truncation/

x_refsource_MISC

37485

vdb-entry

x_refsource_OSVDB

20070625 Ingres wakeup setuid(ingres) file truncation

mailing-list

x_refsource_BUGTRAQ

http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451

x_refsource_CONFIRM

24585

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-3337

Description

Affected Products

References