{"id": "CVE-2011-1408", "bulletinFamily": "NVD", "title": "CVE-2011-1408", "description": "ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks.", "published": "2019-10-29T20:15:00", "modified": "2020-08-18T15:05:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1408", "reporter": "cve@mitre.org", "references": ["https://ikiwiki.info/security/#index40h2", "https://security-tracker.debian.org/tracker/CVE-2011-1408", "https://snyk.io/vuln/SNYK-LINUX-IKIWIKI-133098", "https://www.tenable.com/plugins/nessus/55157"], "cvelist": ["CVE-2011-1408"], "type": "cve", "lastseen": "2020-12-09T19:39:06", "edition": 10, "viewCount": 34, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:69750", "OPENVAS:136141256231069750"]}, {"type": "freebsd", "idList": ["3145FAF1-974C-11E0-869E-000C29249B2E"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_3145FAF1974C11E0869E000C29249B2E.NASL"]}], "modified": "2020-12-09T19:39:06", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2020-12-09T19:39:06", "rev": 2}, "vulnersScore": 5.9}, "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "affectedSoftware": [{"cpeName": "debian:debian_linux", "name": "debian debian linux", "operator": "eq", "version": "8.0"}, {"cpeName": "ikiwiki:ikiwiki", "name": "ikiwiki", "operator": "lt", "version": "3.20110608"}, {"cpeName": "debian:debian_linux", "name": "debian debian linux", "operator": "eq", "version": "10.0"}, {"cpeName": "debian:debian_linux", "name": "debian debian linux", "operator": "eq", "version": "9.0"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"], "cwe": ["CWE-59"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:ikiwiki:ikiwiki:3.20110608:*:*:*:*:*:*:*", "versionEndExcluding": "3.20110608", "vulnerable": true}], "operator": "OR"}]}}

{"openvas": [{"lastseen": "2017-07-02T21:13:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1408"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-02-25T00:00:00", "published": "2011-08-03T00:00:00", "id": "OPENVAS:69750", "href": "http://plugins.openvas.org/nasl.php?oid=69750", "type": "openvas", "title": "FreeBSD Ports: ikiwiki", "sourceData": "#\n#VID 3145faf1-974c-11e0-869e-000c29249b2e\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 3145faf1-974c-11e0-869e-000c29249b2e\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: ikiwiki\n\nCVE-2011-1408\n** RESERVED **\nThis candidate has been reserved by an organization or individual that\nwill use it when announcing a new security problem. When the\ncandidate has been publicized, the details for this candidate will be\nprovided.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://ikiwiki.info/security/#index40h2\nhttp://www.vuxml.org/freebsd/3145faf1-974c-11e0-869e-000c29249b2e.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(69750);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-1408\");\n script_tag(name:\"cvss_base\", value:\"9.3\"); \n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\"); \n\n script_name(\"FreeBSD Ports: ikiwiki\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"ikiwiki\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.20110608\")<0) {\n txt += 'Package ikiwiki version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-11-13T20:24:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1408"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2019-11-12T00:00:00", "published": "2011-08-03T00:00:00", "id": "OPENVAS:136141256231069750", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069750", "type": "openvas", "title": "FreeBSD Ports: ikiwiki", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto generated from VID 3145faf1-974c-11e0-869e-000c29249b2e\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69750\");\n script_version(\"2019-11-12T13:06:17+0000\");\n script_tag(name:\"last_modification\", value:\"2019-11-12 13:06:17 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-1408\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"FreeBSD Ports: ikiwiki\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: ikiwiki\n\nCVE-2011-1408\n** RESERVED **\nThis candidate has been reserved by an organization or individual that\nwill use it when announcing a new security problem. When the\ncandidate has been publicized, the details for this candidate will be\nprovided.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://ikiwiki.info/security/#index40h2\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/3145faf1-974c-11e0-869e-000c29249b2e.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"ikiwiki\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.20110608\")<0) {\n txt += 'Package ikiwiki version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-07T10:41:05", "description": "The IkiWiki development team reports :\n\nLudwig Nussel discovered a way for users to hijack root's tty when\nikiwiki-mass-rebuild was run. Additionally, there was some potential\nfor information disclosure via symlinks.", "edition": 24, "published": "2011-06-16T00:00:00", "title": "FreeBSD : ikiwiki -- tty hijacking via ikiwiki-mass-rebuild (3145faf1-974c-11e0-869e-000c29249b2e)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1408"], "modified": "2011-06-16T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:ikiwiki"], "id": "FREEBSD_PKG_3145FAF1974C11E0869E000C29249B2E.NASL", "href": "https://www.tenable.com/plugins/nessus/55157", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55157);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1408\");\n\n script_name(english:\"FreeBSD : ikiwiki -- tty hijacking via ikiwiki-mass-rebuild (3145faf1-974c-11e0-869e-000c29249b2e)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The IkiWiki development team reports :\n\nLudwig Nussel discovered a way for users to hijack root's tty when\nikiwiki-mass-rebuild was run. Additionally, there was some potential\nfor information disclosure via symlinks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ikiwiki.info/security/#index40h2\"\n );\n # https://vuxml.freebsd.org/freebsd/3145faf1-974c-11e0-869e-000c29249b2e.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?153bade5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ikiwiki\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ikiwiki<3.20110608\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "freebsd": [{"lastseen": "2019-11-09T20:06:20", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1408"], "edition": 2, "description": "\nThe IkiWiki development team reports:\n\nLudwig Nussel discovered a way for users to hijack root's tty\n\t when ikiwiki-mass-rebuild was run. Additionally, there was\n\t some potential for information disclosure via symlinks.\n\n", "modified": "2011-06-08T00:00:00", "published": "2011-06-08T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/3145faf1-974c-11e0-869e-000c29249b2e.html", "id": "3145FAF1-974C-11E0-869E-000C29249B2E", "title": "ikiwiki -- tty hijacking via ikiwiki-mass-rebuild", "type": "freebsd", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}]}