Lucene search
HistoryMay 18, 2012 - 10:55 p.m.
CVE-2012-2321
cve-2012-2321
connman
remote code execution
security vulnerability
nvd
7.6 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.012 Low
EPSS
Percentile
85.3%
The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply.
Affected configurations
Node
connmanconnmanRange≤0.84
ORconnmanconnmanMatch0.1
ORconnmanconnmanMatch0.2
ORconnmanconnmanMatch0.3
ORconnmanconnmanMatch0.4
ORconnmanconnmanMatch0.5
ORconnmanconnmanMatch0.6
ORconnmanconnmanMatch0.7
ORconnmanconnmanMatch0.8
ORconnmanconnmanMatch0.9
ORconnmanconnmanMatch0.10
ORconnmanconnmanMatch0.11
ORconnmanconnmanMatch0.12
ORconnmanconnmanMatch0.13
ORconnmanconnmanMatch0.14
ORconnmanconnmanMatch0.15
ORconnmanconnmanMatch0.16
ORconnmanconnmanMatch0.17
ORconnmanconnmanMatch0.18
ORconnmanconnmanMatch0.19
ORconnmanconnmanMatch0.20
ORconnmanconnmanMatch0.21
ORconnmanconnmanMatch0.22
ORconnmanconnmanMatch0.23
ORconnmanconnmanMatch0.24
ORconnmanconnmanMatch0.25
ORconnmanconnmanMatch0.26
ORconnmanconnmanMatch0.27
ORconnmanconnmanMatch0.28
ORconnmanconnmanMatch0.29
ORconnmanconnmanMatch0.30
ORconnmanconnmanMatch0.31
ORconnmanconnmanMatch0.32
ORconnmanconnmanMatch0.33
ORconnmanconnmanMatch0.34
ORconnmanconnmanMatch0.35
ORconnmanconnmanMatch0.36
ORconnmanconnmanMatch0.37
ORconnmanconnmanMatch0.38
ORconnmanconnmanMatch0.39
ORconnmanconnmanMatch0.40
ORconnmanconnmanMatch0.41
ORconnmanconnmanMatch0.42
ORconnmanconnmanMatch0.43
ORconnmanconnmanMatch0.44
ORconnmanconnmanMatch0.45
ORconnmanconnmanMatch0.46
ORconnmanconnmanMatch0.47
ORconnmanconnmanMatch0.48
ORconnmanconnmanMatch0.49
ORconnmanconnmanMatch0.50
ORconnmanconnmanMatch0.51
ORconnmanconnmanMatch0.52
ORconnmanconnmanMatch0.53
ORconnmanconnmanMatch0.54
ORconnmanconnmanMatch0.55
ORconnmanconnmanMatch0.56
ORconnmanconnmanMatch0.57
ORconnmanconnmanMatch0.58
ORconnmanconnmanMatch0.59
ORconnmanconnmanMatch0.60
ORconnmanconnmanMatch0.61
ORconnmanconnmanMatch0.62
ORconnmanconnmanMatch0.63
ORconnmanconnmanMatch0.64
ORconnmanconnmanMatch0.65
ORconnmanconnmanMatch0.66
ORconnmanconnmanMatch0.67
ORconnmanconnmanMatch0.68
ORconnmanconnmanMatch0.69
ORconnmanconnmanMatch0.70
ORconnmanconnmanMatch0.71
ORconnmanconnmanMatch0.72
ORconnmanconnmanMatch0.73
ORconnmanconnmanMatch0.74
ORconnmanconnmanMatch0.75
ORconnmanconnmanMatch0.76
ORconnmanconnmanMatch0.77
ORconnmanconnmanMatch0.78
ORconnmanconnmanMatch0.79
ORconnmanconnmanMatch0.80
ORconnmanconnmanMatch0.81
ORconnmanconnmanMatch0.82
ORconnmanconnmanMatch0.83
Node
connmanconnmanRange≤0.84
ORconnmanconnmanMatch0.1
ORconnmanconnmanMatch0.2
ORconnmanconnmanMatch0.3
ORconnmanconnmanMatch0.4
ORconnmanconnmanMatch0.5
ORconnmanconnmanMatch0.6
ORconnmanconnmanMatch0.7
ORconnmanconnmanMatch0.8
ORconnmanconnmanMatch0.9
ORconnmanconnmanMatch0.10
ORconnmanconnmanMatch0.11
ORconnmanconnmanMatch0.12
ORconnmanconnmanMatch0.13
ORconnmanconnmanMatch0.14
ORconnmanconnmanMatch0.15
ORconnmanconnmanMatch0.16
ORconnmanconnmanMatch0.17
ORconnmanconnmanMatch0.18
ORconnmanconnmanMatch0.19
ORconnmanconnmanMatch0.20
ORconnmanconnmanMatch0.21
ORconnmanconnmanMatch0.22
ORconnmanconnmanMatch0.23
ORconnmanconnmanMatch0.24
ORconnmanconnmanMatch0.25
ORconnmanconnmanMatch0.26
ORconnmanconnmanMatch0.27
ORconnmanconnmanMatch0.28
ORconnmanconnmanMatch0.29
ORconnmanconnmanMatch0.30
ORconnmanconnmanMatch0.31
ORconnmanconnmanMatch0.32
ORconnmanconnmanMatch0.33
ORconnmanconnmanMatch0.34
ORconnmanconnmanMatch0.35
ORconnmanconnmanMatch0.36
ORconnmanconnmanMatch0.37
ORconnmanconnmanMatch0.38
ORconnmanconnmanMatch0.39
ORconnmanconnmanMatch0.40
ORconnmanconnmanMatch0.41
ORconnmanconnmanMatch0.42
ORconnmanconnmanMatch0.43
ORconnmanconnmanMatch0.44
ORconnmanconnmanMatch0.45
ORconnmanconnmanMatch0.46
ORconnmanconnmanMatch0.47
ORconnmanconnmanMatch0.48
ORconnmanconnmanMatch0.49
ORconnmanconnmanMatch0.50
ORconnmanconnmanMatch0.51
ORconnmanconnmanMatch0.52
ORconnmanconnmanMatch0.53
ORconnmanconnmanMatch0.54
ORconnmanconnmanMatch0.55
ORconnmanconnmanMatch0.56
ORconnmanconnmanMatch0.57
ORconnmanconnmanMatch0.58
ORconnmanconnmanMatch0.59
ORconnmanconnmanMatch0.60
ORconnmanconnmanMatch0.61
ORconnmanconnmanMatch0.62
ORconnmanconnmanMatch0.63
ORconnmanconnmanMatch0.64
ORconnmanconnmanMatch0.65
ORconnmanconnmanMatch0.66
ORconnmanconnmanMatch0.67
ORconnmanconnmanMatch0.68
ORconnmanconnmanMatch0.69
ORconnmanconnmanMatch0.70
ORconnmanconnmanMatch0.71
ORconnmanconnmanMatch0.72
ORconnmanconnmanMatch0.73
ORconnmanconnmanMatch0.74
ORconnmanconnmanMatch0.75
ORconnmanconnmanMatch0.76
ORconnmanconnmanMatch0.77
ORconnmanconnmanMatch0.78
ORconnmanconnmanMatch0.79
ORconnmanconnmanMatch0.80
ORconnmanconnmanMatch0.81
ORconnmanconnmanMatch0.82
ORconnmanconnmanMatch0.83
References
git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=26ace5c59f790bce0f1988b88874c6f2c480fd5a
git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=a5f540db7354b76bcabd0a05d8eb8ba2bff4e911
secunia.com/advisories/49033
secunia.com/advisories/49186
security.gentoo.org/glsa/glsa-201205-02.xml
www.openwall.com/lists/oss-security/2012/05/07/10
www.openwall.com/lists/oss-security/2012/05/07/2
www.openwall.com/lists/oss-security/2012/05/07/6
www.osvdb.org/81705
www.securityfocus.com/bid/53408
bugzilla.novell.com/show_bug.cgi?id=715172
exchange.xforce.ibmcloud.com/vulnerabilities/75466
Related
prion
prion
Design/Logic Flaw
2012-05-18 22:55:00
debiancve
debiancve
CVE-2012-2321
2012-05-18 22:55:06
cvelist
cvelist
CVE-2012-2321
2012-05-18 22:00:00
nvd
nvd
CVE-2012-2321
2012-05-18 22:55:06
ubuntucve
ubuntucve
CVE-2012-2321
2012-05-18 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201205-02 (ConnMan)
2012-05-31 00:00:00
Gentoo Security Advisory GLSA 201205-02 (ConnMan)
2012-05-31 00:00:00
gentoo
gentoo
ConnMan: Multiple vulnerabilities
2012-05-15 00:00:00
nessus
nessus
GLSA-201205-02 : ConnMan: Multiple vulnerabilities
2012-06-21 00:00:00
7.6 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.012 Low
EPSS
Percentile
85.3%
Related for CVE-2012-2321