Lucene search

[email protected]CVE-2010-3351

HistoryOct 20, 2010 - 6:00 p.m.

CVE-2010-3351

2010-10-2018:00:03

[email protected]

web.nvd.nist.gov

cve-2010-3351

bristol 0.60.5

ld_library_path

privilege escalation

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Affected configurations

NVD

Node

nick_copelandbristolMatch0.60.5

Node

nick_copelandbristolMatch0.9.3

nick_copelandbristolMatch0.9.4-1

nick_copelandbristolMatch0.9.4-57

nick_copelandbristolMatch0.9.5-13

nick_copelandbristolMatch0.9.5-19

nick_copelandbristolMatch0.9.5-37

nick_copelandbristolMatch0.9.5-48

nick_copelandbristolMatch0.9.5-60

nick_copelandbristolMatch0.9.5-66

nick_copelandbristolMatch0.9.5-89

nick_copelandbristolMatch0.9.6-113

nick_copelandbristolMatch0.9.6-121

nick_copelandbristolMatch0.9.6-150

nick_copelandbristolMatch0.9.6-169

nick_copelandbristolMatch0.9.6-212

nick_copelandbristolMatch0.10.1

nick_copelandbristolMatch0.10.2

nick_copelandbristolMatch0.10.3

nick_copelandbristolMatch0.10.4

nick_copelandbristolMatch0.10.5

nick_copelandbristolMatch0.10.6

nick_copelandbristolMatch0.10.7

nick_copelandbristolMatch0.10.8

nick_copelandbristolMatch0.10.9

nick_copelandbristolMatch0.10.10

nick_copelandbristolMatch0.10.11

nick_copelandbristolMatch0.10.12

nick_copelandbristolMatch0.10.13

nick_copelandbristolMatch0.20.1

nick_copelandbristolMatch0.20.2

nick_copelandbristolMatch0.20.3

nick_copelandbristolMatch0.20.4

nick_copelandbristolMatch0.20.5

nick_copelandbristolMatch0.20.6

nick_copelandbristolMatch0.20.7

nick_copelandbristolMatch0.20.8

nick_copelandbristolMatch0.20.9

nick_copelandbristolMatch0.20.10

nick_copelandbristolMatch0.30.1

nick_copelandbristolMatch0.30.2

nick_copelandbristolMatch0.30.3

nick_copelandbristolMatch0.30.4

nick_copelandbristolMatch0.30.5

nick_copelandbristolMatch0.30.6

nick_copelandbristolMatch0.30.7

nick_copelandbristolMatch0.30.8

nick_copelandbristolMatch0.30.9

nick_copelandbristolMatch0.40.3

nick_copelandbristolMatch0.40.4

nick_copelandbristolMatch0.40.5

nick_copelandbristolMatch0.40.6

nick_copelandbristolMatch0.40.7

nick_copelandbristolMatch0.40.8

nick_copelandbristolMatch0.50.2

nick_copelandbristolMatch0.50.3

nick_copelandbristolMatch0.50.5

nick_copelandbristolMatch0.50.6

nick_copelandbristolMatch0.50.7

nick_copelandbristolMatch0.50.8

nick_copelandbristolMatch0.60.0

nick_copelandbristolMatch0.60.1

nick_copelandbristolMatch0.60.2

nick_copelandbristolMatch0.60.3

nick_copelandbristolMatch0.60.4

nick_copelandbristolMatch0.60.6

nick_copelandbristolMatch0.60.7

CPENameOperatorVersion
nick_copeland:bristolnick copeland bristoleq0.60.5

CPE	Name	Operator	Version
nick_copeland:bristol	nick copeland bristol	eq	0.60.5

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=598285

lists.fedoraproject.org/pipermail/package-announce/2010-November/050784.html

lists.fedoraproject.org/pipermail/package-announce/2010-November/050787.html

lists.fedoraproject.org/pipermail/package-announce/2010-November/050805.html

secunia.com/advisories/42272

www.securityfocus.com/bid/44335

www.vupen.com/english/advisories/2010/2972

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-3351

nessus3 openvas6 prion1 cvelist1 debiancve1 ubuntucve1 nvd1 fedora3