Lucene search
HistorySep 06, 2011 - 4:55 p.m.
CVE-2011-2660
cve-2011-2660
vpnc
suse linux
remote code execution
dns
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.6%
The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name.
Affected configurations
Node
susevpncRange≤0.5.1
ORsuselinux_enterprise_desktopMatch11sp1
| CPE | Name | Operator | Version |
|---|---|---|---|
| suse:vpnc | suse vpnc | le | 0.5.1 |
| suse:linux_enterprise_desktop | suse linux enterprise desktop | eq | 11 |
Related
nvd
nvd
CVE-2011-2660
2011-09-06 16:55:08
suse
suse
Security update for vpnc (important)
2011-08-31 09:08:13
Security update for vpnc (important)
2011-08-31 08:08:21
prion
prion
Design/Logic Flaw
2011-09-06 16:55:00
debiancve
debiancve
CVE-2011-2660
2011-09-06 16:55:08
ubuntucve
ubuntucve
CVE-2011-2660
2011-09-06 00:00:00
nessus
nessus
SuSE 11.1 Security Update : vpnc (SAT Patch Number 5027)
2011-08-31 00:00:00
SuSE 10 Security Update : vpnc (ZYPP Patch Number 7692)
2011-12-13 00:00:00
cvelist
cvelist
CVE-2011-2660
2011-09-06 16:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.6%
Related for CVE-2011-2660