Lucene search

[email protected]CVE-2001-1409

HistoryJul 24, 2003 - 4:00 a.m.

CVE-2001-1409

2003-07-2404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-1409

xfree86 xserver

insecure permissions

local file modification

/dev/dri directory

6.5 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.

CPENameOperatorVersion
xfree86_project:xfree86_x_serverxfree86 project xfree86 x servereq4.1.0.2

CPE	Name	Operator	Version
xfree86_project:xfree86_x_server	xfree86 project xfree86 x server	eq	4.1.0.2

References

groups.google.com/groups?selm=20010829121505.A16004%40compusol.com.au

sunsolve.sun.com/search/document.do?assetkey=1-66-228529-1

sunsolve.sun.com/search/document.do?assetkey=1-77-1017429.1-1

www.redhat.com/support/errata/RHSA-2003-067.html

6.5 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2001-1409

redhat1 securityvulns1 nessus1