Lucene search

[email protected]CVE-2011-4363

HistoryOct 07, 2012 - 9:55 p.m.

CVE-2011-4363

2012-10-0721:55:00

CWE-59

[email protected]

web.nvd.nist.gov

cve-2011-4363

perl

processtable.pm

proc::processtable

symlink attack

local users

file overwrite

5.8 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS.

CPENameOperatorVersion
frii:proc\frii proc\eq\

CPE	Name	Operator	Version
frii:proc\	frii proc\	eq	\

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=650500

secunia.com/advisories/47015

www.openwall.com/lists/oss-security/2011/11/30/2

www.openwall.com/lists/oss-security/2011/11/30/3

www.osvdb.org/77428

www.securityfocus.com/bid/50868

bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4363

rt.cpan.org/Public/Bug/Display.html?id=72862

5.8 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2011-4363

openvas5 ubuntucve1 fedora2 nessus3 mageia1 securityvulns2 prion1 debiancve1