CVE-2007-0473
EPSS 0.06%
Description
The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 does not preserve /etc/sudoers permissions across modifications, which allows local users to obtain sensitive information (/etc/sudoers contents) by reading this file.
How to fix CVE-2007-0473
To remediate CVE-2007-0473, upgrade the affected package to a fixed version below.
- Debian/smb4k—upgrade to 0.8.0-1 or later
Is CVE-2007-0473 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.8.0-1