Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-3504
HistoryOct 10, 2012 - 6:55 p.m.

CVE-2012-3504

2012-10-1018:55:00
CWE-264
[email protected]
web.nvd.nist.gov
32
security
vulnerability
nssconfigfound
genkey.pl
crypto-utils
symlink attack
cve-2012-3504

6.1 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

The nssconfigFound function in genkey.pl in crypto-utils 2.4.1-34 allows local users to overwrite arbitrary files via a symlink attack on the “list” file in the current working directory.

Related

openvas 4
fedora 2
cvelist 1
prion 1
nessus 2
openvas
openvas
Fedora Update for crypto-utils FEDORA-2013-3253
2013-03-12 00:00:00
Fedora Update for crypto-utils FEDORA-2013-3253
2013-03-12 00:00:00
Fedora Update for crypto-utils FEDORA-2013-3259
2013-03-12 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: crypto-utils-2.4.1-39.fc18
2013-03-11 01:18:19
[SECURITY] Fedora 17 Update: crypto-utils-2.4.1-39.fc17
2013-03-11 01:24:27
cvelist
cvelist
CVE-2012-3504
2012-10-10 18:00:00
prion
prion
Directory traversal
2012-10-10 18:55:00
nessus
nessus
Fedora 17 : crypto-utils-2.4.1-39.fc17 (2013-3259)
2013-03-11 00:00:00
Fedora 18 : crypto-utils-2.4.1-39.fc18 (2013-3253)
2013-03-11 00:00:00

6.1 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for CVE-2012-3504
openvas4fedora2cvelist1prion1nessus2