VYPR
Unrated severityNVD Advisory· Published Apr 18, 2007· Updated Jun 16, 2026

CVE-2007-2063

CVE-2007-2063

Description

SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for (1) the server pid file, which allows local users to cause arbitrary processes to be stopped, or (2) when _BPX_BATCH_UMASK is missing from the environment, creates HFS files with insecure permissions, which allows local users to read or modify these files and have other unknown impact.

Affected products

5
  • SSH/Tectia Server4 versions
    cpe:2.3:a:ssh:tectia_server:5.0:*:ibm_zos:*:*:*:*:*+ 3 more
    • cpe:2.3:a:ssh:tectia_server:5.0:*:ibm_zos:*:*:*:*:*
    • cpe:2.3:a:ssh:tectia_server:5.1.0:*:ibm_zos:*:*:*:*:*
    • cpe:2.3:a:ssh:tectia_server:5.2.0:*:ibm_zos:*:*:*:*:*
    • cpe:2.3:a:ssh:tectia_server:*:*:ibm_zos:*:*:*:*:*range: <=5.3.0
  • Range: <5.4.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.