CVE-2007-5686

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2007-5686
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2007-5686.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2007-5686
Published
2007-10-28T17:08:00Z
Modified
2024-06-30T12:26:08.935081Z
Summary
[none]
Details

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.

References

Affected packages

Debian:11 / shadow

Package

Name
shadow
Purl
pkg:deb/debian/shadow?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:4.*

1:4.8.1-1
1:4.8.1-1.1
1:4.8.1-2
1:4.11.1+dfsg1-0exp1
1:4.11.1+dfsg1-1
1:4.11.1+dfsg1-2
1:4.12.3+dfsg1-1
1:4.12.3+dfsg1-2
1:4.12.3+dfsg1-3
1:4.13+dfsg1-1
1:4.13+dfsg1-2
1:4.13+dfsg1-3
1:4.13+dfsg1-4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / shadow

Package

Name
shadow
Purl
pkg:deb/debian/shadow?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:4.*

1:4.13+dfsg1-1
1:4.13+dfsg1-2
1:4.13+dfsg1-3
1:4.13+dfsg1-4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / shadow

Package

Name
shadow
Purl
pkg:deb/debian/shadow?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:4.*

1:4.13+dfsg1-1
1:4.13+dfsg1-2
1:4.13+dfsg1-3
1:4.13+dfsg1-4

Ecosystem specific

{
    "urgency": "unimportant"
}