Vulnerability Description
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Racf | - |
| Apple | Macos | All versions |
| Hp | Hp-Ux | All versions |
| Hp | Tru64 | All versions |
| Ibm | Aix | All versions |
| Ibm | Os 400 | gold |
| Linux | Linux Kernel | All versions |
| Microsoft | Windows Server | All versions |
| Siemens | Reliant Unix | All versions |
| Sun | Solaris | All versions |
| Sap | Rfc Library | 6.4 |
References
- http://secunia.com/advisories/24722
- http://securityreason.com/securityalert/2535
- http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_
- http://www.securityfocus.com/archive/1/464669/100/0/threaded
- http://www.securityfocus.com/bid/23305Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1270
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33423
- http://secunia.com/advisories/24722
- http://securityreason.com/securityalert/2535
- http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_
- http://www.securityfocus.com/archive/1/464669/100/0/threaded
- http://www.securityfocus.com/bid/23305Vendor Advisory
- http://www.vupen.com/english/advisories/2007/1270
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33423
FAQ
What is CVE-2007-1913?
CVE-2007-1913 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vec...
How severe is CVE-2007-1913?
CVE-2007-1913 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1913?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Racf, Apple Macos, Hp Hp-Ux, Hp Tru64, Ibm Aix.