CVE-2007-3102

Publication date 18 October 2007

Last updated 24 July 2024

Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
openssh	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

this issue in util-linux is CVE-2008-1296 I’m removing util-linux from here

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00214.html
https://bugzilla.redhat.com/show_bug.cgi?id=248059
https://www.cve.org/CVERecord?id=CVE-2007-3102