CVE-2007-4570

Published: Nov 10, 2007Modified: Apr 23, 2026

1.9

Vector

AV:L/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 3.4 / Impact: 2.9

Source: NVD

Description

Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service (temporary daemon outage) via a large range of compartments in sensitivity labels.

Affected (1)

Products: Redhat: Mcstrans

Redhat

1 product

Mcstrans

Configuration A

1 platform

Running on/with	Platform Versions
Redhat Enterprise Linux	Version 5.0 unkown

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Redhat Mcstrans	Version 0.2.3

Running on/with	Platform Versions
Redhat Enterprise Linux	Version 5.0 unkown

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (16)

http://osvdb.org/39244

Source: secalert@redhat.com

http://secunia.com/advisories/27589

Source: secalert@redhat.com

http://www.securityfocus.com/bid/26371

Source: secalert@redhat.com

https://bugzilla.redhat.com/attachment.cgi?id=193951

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=288201

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/38357

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10350

Source: secalert@redhat.com

https://rhn.redhat.com/errata/RHSA-2007-0542.html

Source: secalert@redhat.com

Patch

http://osvdb.org/39244