CVE-2007-1057: Race Condition
First published: Wed Feb 21 2007(Updated: )
The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nortel Alteon 2424 Application Switch | =23.2 | |
| Nortel SSL VPN Module 1000 | ||
| Nortel VPN Gateway 3070 | ||
| Nortel Net Direct Client | <=6.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://spoofed.org/blog/archive/2007/02/nortel_vpn_unix_client_local_root_compromise.html
- http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021886-01.pdf
- http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540071
- http://secunia.com/advisories/24231
- http://www.securityfocus.com/bid/22632
- http://www.securitytracker.com/id?1017678
- http://osvdb.org/33304
- http://www.vupen.com/english/advisories/2007/0671
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32597
- https://www.exploit-db.com/exploits/3356
Frequently Asked Questions
What is the severity of CVE-2007-1057?
CVE-2007-1057 is considered a high severity vulnerability due to its potential for local users to exploit it for privilege escalation.
How do I fix CVE-2007-1057?
To fix CVE-2007-1057, upgrade the Net Direct Client for Linux to version 6.0.5 or later.
Which systems are affected by CVE-2007-1057?
CVE-2007-1057 affects the Nortel Net Direct Client for Linux versions prior to 6.0.5, specifically compatible with certain Nortel devices.
What type of vulnerability is CVE-2007-1057?
CVE-2007-1057 is a local privilege escalation vulnerability caused by insecure file permissions.
Can CVE-2007-1057 be exploited remotely?
No, CVE-2007-1057 requires local access to exploit, as it involves a race condition in the system's execution of files.
- collector/nvd-historical
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/nortel
- canonical/nortel alteon 2424 application switch
- version/nortel alteon 2424 application switch/23.2
- canonical/nortel ssl vpn module 1000
- canonical/nortel vpn gateway 3070
- canonical/nortel net direct client
- version/nortel net direct client/6.0.4