Vulnerabilities > CVE-2007-2839 - Local Arbitrary Command Execution vulnerability in Debian Gfax 0.4.2
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | GFax 0.7.6 Temporary Files Local Arbitrary Command Execution Vulnerability. CVE-2007-2839. Local exploit for linux platform |
id | EDB-ID:30280 |
last seen | 2016-02-03 |
modified | 2007-07-05 |
published | 2007-07-05 |
reporter | Steve Kemp |
source | https://www.exploit-db.com/download/30280/ |
title | GFax 0.7.6 Temporary Files Local Arbitrary Command Execution Vulnerability |
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-1329.NASL |
description | Steve Kemp from the Debian Security Audit project discovered that gfax, a GNOME frontend for fax programs, uses temporary files in an unsafe manner which may be exploited to execute arbitrary commands with the privileges of the root user. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25676 |
published | 2007-07-10 |
reporter | This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25676 |
title | Debian DSA-1329-1 : gfax - insecure temporary files |