Sign-up

ID

VAR-200701-0087


CVE

CVE-2007-0367


TITLE

Rumpus Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2007-003248

DESCRIPTION

Rumpus 5.1 and earlier has weak permissions for certain files and directories under /usr/local/Rumpus, including the configuration file, which allows local users to have an unknown impact by creating, modifying, or deleting files. Rumpus Ftp Server is prone to a local security vulnerability. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Rumpus Multiple Vulnerabilities SECUNIA ADVISORY ID: SA23842 VERIFY ADVISORY: http://secunia.com/advisories/23842/ CRITICAL: Moderately critical IMPACT: Privilege escalation, DoS, System access WHERE: >From remote SOFTWARE: Rumpus 5.x http://secunia.com/product/11982/ DESCRIPTION: LMH and KF have reported some vulnerabilities in Rumpus, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious users to compromise a vulnerable system. 1) The application invokes "ipfw" without an absolute path and has the setuid bit set. This can be exploited to gain "root" privileges by placing a specially crafted "ipfw" binary in the path. 2) Boundary errors within the FTP service can be exploited to cause heap-based buffer overflows and can potentially be exploited to execute arbitrary code via specially crafted packets. Successful exploitation requires a valid user account. The vulnerabilities are reported in version 5.1. Other versions may also be affected. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: LMH and KF ORIGINAL ADVISORY: http://projects.info-pull.com/moab/MOAB-18-01-2007.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2007-0367 // JVNDB: JVNDB-2007-003248 // BID: 86752 // PACKETSTORM: 53760

AFFECTED PRODUCTS

vendor:maxummodel:rumpus ftp serverscope:lteversion:5.1

Trust: 1.8

vendor:maxummodel:rumpus ftp serverscope:eqversion:5.1

Trust: 0.6

sources: JVNDB: JVNDB-2007-003248 // CNNVD: CNNVD-200701-323 // NVD: CVE-2007-0367

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-0367
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-0367
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200701-323
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2007-0367
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2007-003248 // CNNVD: CNNVD-200701-323 // NVD: CVE-2007-0367

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0367

THREAT TYPE

local

Trust: 1.0

sources: BID: 86752 // PACKETSTORM: 53760 // CNNVD: CNNVD-200701-323

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200701-323

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-003248

PATCH
title:Top Pageurl:http://www.maxum.com/Rumpus/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-003248

EXTERNAL IDS
db:NVDid:CVE-2007-0367
Trust: 2.7
db:SECUNIAid:23842
Trust: 1.7
db:OSVDBid:32691
Trust: 1.6
db:JVNDBid:JVNDB-2007-003248
Trust: 0.8
db:CNNVDid:CNNVD-200701-323
Trust: 0.6
db:BIDid:86752
Trust: 0.3
db:PACKETSTORMid:53760
Trust: 0.1
sources:
            
            
            BID: 86752 // 
            
            
            
            JVNDB: JVNDB-2007-003248 // 
            
            
            
            PACKETSTORM: 53760 // 
            
            
            
            CNNVD: CNNVD-200701-323 // 
            
            
            
            NVD: CVE-2007-0367

REFERENCES
url:http://projects.info-pull.com/moab/moab-18-01-2007.html
Trust: 2.0
url:http://osvdb.org/32691
Trust: 1.6
url:http://secunia.com/advisories/23842
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0367
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0367
Trust: 0.8
url:http://secunia.com/product/11982/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/23842/
Trust: 0.1
url:http://secunia.com/software_inspector/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            BID: 86752 // 
            
            
            
            JVNDB: JVNDB-2007-003248 // 
            
            
            
            PACKETSTORM: 53760 // 
            
            
            
            CNNVD: CNNVD-200701-323 // 
            
            
            
            NVD: CVE-2007-0367

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 86752

SOURCES
db:BIDid:86752
db:JVNDBid:JVNDB-2007-003248
db:PACKETSTORMid:53760
db:CNNVDid:CNNVD-200701-323
db:NVDid:CVE-2007-0367

LAST UPDATE DATE
2025-04-10T23:03:47.475000+00:00

SOURCES UPDATE DATE
db:BIDid:86752date:2007-01-19T00:00:00
db:JVNDBid:JVNDB-2007-003248date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200701-323date:2007-01-21T00:00:00
db:NVDid:CVE-2007-0367date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:BIDid:86752date:2007-01-19T00:00:00
db:JVNDBid:JVNDB-2007-003248date:2012-09-25T00:00:00
db:PACKETSTORMid:53760date:2007-01-20T00:09:28
db:CNNVDid:CNNVD-200701-323date:2007-01-19T00:00:00
db:NVDid:CVE-2007-0367date:2007-01-19T21:28:00