CVE-2007-4074: CVE-2007-4074

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-4074

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute arbitrary commands via the local daemon on port 1314, a different vulnerability than CVE-2001-0956. NOTE: this issue is local in some environments, but remote on others.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Festival Insecure Command 本地特权提升和远程代码执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Speech Technology Research (CSTR) Festival 1.95 beta (又称2.0 beta)的中心默认设置在没有提交任何权限请求的情况下提升特权并在本地运行，这会允许见机行事的攻击者可以借助端口1314上的本地后台程序，执行任意指令。该漏洞不同于CVE-2001-0956。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-4074

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-4074

Please Login to view more intelligence information

http://bugs.gentoo.org/show_bug.cgi?id=170477x_refsource_CONFIRM
http://secunia.com/advisories/26229third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/25069vdb-entryx_refsource_BID
http://secunia.com/advisories/27271third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200707-10.xmlvendor-advisoryx_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.htmlvendor-advisoryx_refsource_SUSE
https://exchange.xforce.ibmcloud.com/vulnerabilities/35606vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/490465/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-4074

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-4074

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2007-4074

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-4074

III. Intelligence Information for CVE-2007-4074

IV. Related Vulnerabilities

V. Comments for CVE-2007-4074

Leave a comment