Lucene search

[email protected]CVE-2009-0415

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-0415

2022-10-0316:24:10

[email protected]

web.nvd.nist.gov

cve-2009-0415

trickle 1.07

untrusted search path

vulnerability

ld_preload

nvd

3.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path.

Affected configurations

NVD

Node

monkeytrickleMatch1.07

CPENameOperatorVersion
monkey:tricklemonkey trickleeq1.07

CPE	Name	Operator	Version
monkey:trickle	monkey trickle	eq	1.07

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=513456

www.openwall.com/lists/oss-security/2009/01/29/5

www.securityfocus.com/bid/33516

3.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2009-0415

openvas4 prion1 cvelist1 nessus2 fedora2 debiancve1 ubuntucve1 nvd1