Lucene search

[email protected]CVE-2005-1379

HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1379

2005-05-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1379

mandrake linux

lam runtime environment

mpi user

privilege escalation

6.7 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.

CPENameOperatorVersion
mandrakesoft:mandrake_lam-runtimemandrakesoft mandrake lam-runtimeeq7.0.6.2mdk

CPE	Name	Operator	Version
mandrakesoft:mandrake_lam-runtime	mandrakesoft mandrake lam-runtime	eq	7.0.6.2mdk

References

marc.info/?l=bugtraq&m=111472262231060&w=2

www.securityfocus.com/bid/13431

6.7 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2005-1379

debiancve1 nessus1