MEDIUM🇵🇱 Wersja polska

CVE-2007-2654

CVSS 4.4v2.0pub. 2007-05-14upd. 2026-04-23

xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.

CVSS Vector
AV:L/AC:M/Au:N/C:P/I:P/A:P
  • SUSE Opensuse

    OS
    Suse
    10.2
  • SUSE Linux

    OS
    Suse
    1.01010.010.110.288.09.09.19.29.3
  • SUSE Linux Openexchange Server

    APP
    Suse
    4.0
  • SUSE Linux School Server

    APP
    Suse
    gold
  • SUSE Linux Standard Server

    APP
    Suse
    8.0
  • SUSE Open Enterprise Server

    APP
    Suse
    9
  • SUSE United Linux

    OS
    Suse
    1.0
  • Xfsdump

    APP
    Xfsdump
    2.2.38
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2011-0469CRITICAL9.8ten sam produkt

Code injection in openSUSE when running some source services used in the open build service 2.1 before March 1...

CVE-2002-0083CRITICAL9.8ten sam produkt

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious serve...

CVE-1999-0426CRITICAL9.8ten sam produkt

The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.

CVE-2024-12085HIGH7.5ten sam produkt

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an att...

CVE-2017-3224HIGH8.2ten sam produkt

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LS...