CVE-2007-2063

NONE EPSS 21.9%
Published Apr 18, 200719y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 18, 2007 19y ago
Last Modified Jun 16, 2026 2w ago

Description

SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for (1) the server pid file, which allows local users to cause arbitrary processes to be stopped, or (2) when _BPX_BATCH_UMASK is missing from the environment, creates HFS files with insecure permissions, which allows local users to read or modify these files and have other unknown impact.

Threat Intelligence

EPSS Exploit Probability
21.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-264

Affected Products 4

VendorProductVersionRange
sshtectia_server* ≤5.3.0
sshtectia_server5.0any
sshtectia_server5.1.0any
sshtectia_server5.2.0any

References 8

Remediation

  • secunia.com http://secunia.com/advisories/24916
    PatchVendor Advisory