Lucene search

[email protected]CVE-2011-1551

HistoryMar 30, 2011 - 10:55 p.m.

CVE-2011-1551

2011-03-3022:55:02

CWE-264

[email protected]

web.nvd.nist.gov

cve-2011-1551

suse

opensuse factory

directory ownership

local privilege escalation

cobbler daemon

6.8 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

19.5%

JSON

SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service user account, which might allow local users to gain privileges by leveraging access to this account during root filesystem operations by the Cobbler daemon.

Affected configurations

NVD

Node

novellopensuse_factory

CPENameOperatorVersion
novell:opensuse_factorynovell opensuse factoryeq*

CPE	Name	Operator	Version
novell:opensuse_factory	novell opensuse factory	eq	*

References

openwall.com/lists/oss-security/2011/03/23/11

exchange.xforce.ibmcloud.com/vulnerabilities/66487

6.8 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

19.5%

JSON

Related for CVE-2011-1551

nessus1 cvelist1 prion1 nvd1 ubuntucve1