Published: 04/12/2007 Updated: 15/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to override a non-setuid default during installation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sing sing 1.1

/* sing file append exploit by bannedit 12/05/2007 The original reporter of this issue included an example session which added an account to the machine The method for this exploit is slightly different and much more quiet Although it relies upon logrotate for help This could easily be modified to work with cron daemons which are no ...

CWE-264 http://www.securityfocus.com/bid/26679 http://securityreason.com/securityalert/3412 http://osvdb.org/44157 https://exchange.xforce.ibmcloud.com/vulnerabilities/38822 http://www.securityfocus.com/archive/1/484591/100/200/threaded http://www.securityfocus.com/archive/1/484472/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/4698/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-6211

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect