Lucene search
HistoryApr 30, 2014 - 2:22 p.m.
CVE-2014-0470
cve-2014-0470
super 3.30.0
setuid function
local exploit
rlimit_nproc
nvd
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack.
Affected configurations
Node
super_projectsuperMatch3.30.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| super_project:super | super project super | eq | 3.30.0 |
Related
osv
osv
super - security update
2014-04-28 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2917-1)
2014-04-27 00:00:00
Debian Security Advisory DSA 2917-1 (super - security update)
2014-04-28 00:00:00
nvd
nvd
CVE-2014-0470
2014-04-30 14:22:06
debian
debian
[SECURITY] [DSA 2917-1] super security update
2014-04-28 17:55:32
debiancve
debiancve
CVE-2014-0470
2014-04-30 14:22:06
ubuntucve
ubuntucve
CVE-2014-0470
2014-04-30 00:00:00
securityvulns
securityvulns
Privilege escalation via Super
2014-05-02 00:00:00
[SECURITY] [DSA 2917-1] super security update
2014-05-02 00:00:00
nessus
nessus
Debian DSA-2917-1 : super - security update
2014-04-29 00:00:00
cvelist
cvelist
CVE-2014-0470
2014-04-30 14:00:00
veracode
veracode
Privilege Escalation
2020-12-06 03:03:31
prion
prion
Code injection
2014-04-30 14:22:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-0470