This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Xfsdump First view 2007-05-14
Product Xfsdump Last view 2007-05-14
Version 2.2.38 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:xfsdump:xfsdump

Activity : Overall

Related : CVE

  Date Alert Description
4.4 2007-05-14 CVE-2007-2654

xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.

CWE : Common Weakness Enumeration

100% (1) CWE-362 Race Condition

Open Source Vulnerability Database (OSVDB)

id Description
36716 xfsdump xfs_fsr Symlink Arbitrary File Manipulation

OpenVAS Exploits

id Description
2009-04-09 Name : Mandriva Update for xfsdump MDKSA-2007:134 (xfsdump)
File : nvt/gb_mandriva_MDKSA_2007_134.nasl
2009-03-23 Name : Ubuntu Update for xfsdump vulnerability USN-516-1
File : nvt/gb_ubuntu_USN_516_1.nasl

Nessus® Vulnerability Scanner

id Description
2007-11-10 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-516-1.nasl - Type: ACT_GATHER_INFO
2007-06-27 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2007-134.nasl - Type: ACT_GATHER_INFO