6.6 Medium
AI Score
Confidence
High
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
CPE | Name | Operator | Version |
---|---|---|---|
openbsd:openssh | openbsd openssh | eq | 4.3 |
openbsd:openssh | openbsd openssh | eq | 4.8 |
lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.html
lists.vmware.com/pipermail/security-announce/2010/000082.html
osvdb.org/58495
secunia.com/advisories/38794
secunia.com/advisories/38834
secunia.com/advisories/39182
www.securityfocus.com/bid/36552
www.vupen.com/english/advisories/2010/0528
bugzilla.redhat.com/show_bug.cgi?id=522141
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9862
rhn.redhat.com/errata/RHSA-2009-1470.html