Lucene search

[email protected]CVE-2001-0424

HistoryJul 02, 2001 - 4:00 a.m.

CVE-2001-0424

2001-07-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0424

bubblemon 1.31

privilege misuse

nvd

8 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.3%

JSON

BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.

CPENameOperatorVersion
timecop:bubblemontimecop bubblemoneq1.0pl7
timecop:bubblemontimecop bubblemoneq1.23
timecop:bubblemontimecop bubblemoneq1.0pl3
timecop:bubblemontimecop bubblemoneq1.22
timecop:bubblemontimecop bubblemoneq1.0pl6
timecop:bubblemontimecop bubblemoneq1.31
timecop:bubblemontimecop bubblemoneq1.1test3
timecop:bubblemontimecop bubblemoneq1.0pl4
timecop:bubblemontimecop bubblemoneq1.21test1
timecop:bubblemontimecop bubblemoneq1.0pl2

CPE	Name	Operator	Version
timecop:bubblemon	timecop bubblemon	eq	1.0pl7
timecop:bubblemon	timecop bubblemon	eq	1.23
timecop:bubblemon	timecop bubblemon	eq	1.0pl3
timecop:bubblemon	timecop bubblemon	eq	1.22
timecop:bubblemon	timecop bubblemon	eq	1.0pl6
timecop:bubblemon	timecop bubblemon	eq	1.31
timecop:bubblemon	timecop bubblemon	eq	1.1test3
timecop:bubblemon	timecop bubblemon	eq	1.0pl4
timecop:bubblemon	timecop bubblemon	eq	1.21test1
timecop:bubblemon	timecop bubblemon	eq	1.0pl2

Rows per page:

1-10 of 261

References

marc.info/?l=bugtraq&m=98744422105430&w=2

www.securityfocus.com/bid/2609

8 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.3%

JSON