Lucene search

K
cve[email protected]CVE-2005-3580
HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3580

2005-11-1607:42:00
web.nvd.nist.gov
21
cve-2005-3580
qdbm
security vulnerability
local users
privilege escalation
nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.

Affected configurations

NVD
Node
qdbmqdbmMatch1.8.13
OR
qdbmqdbmMatch1.8.14
OR
qdbmqdbmMatch1.8.15
OR
qdbmqdbmMatch1.8.16
OR
qdbmqdbmMatch1.8.17
OR
qdbmqdbmMatch1.8.21
OR
qdbmqdbmMatch1.8.24
OR
qdbmqdbmMatch1.8.30
OR
qdbmqdbmMatch1.8.31

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%