Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-3385HistoryOct 03, 2022 - 4:20 p.m.
CVE-2010-3385
2022-10-0316:20:57
Debian Security Bug Tracker
security-tracker.debian.org
11
tuxguitar privilege escalation trojan horse unix
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | tuxguitar | < 1.2-7 | tuxguitar_1.2-7_all.deb |
| Debian | 11 | all | tuxguitar | < 1.2-7 | tuxguitar_1.2-7_all.deb |
| Debian | 999 | all | tuxguitar | < 1.2-7 | tuxguitar_1.2-7_all.deb |
| Debian | 13 | all | tuxguitar | < 1.2-7 | tuxguitar_1.2-7_all.deb |
Related
nessus
nessus
Fedora 14 : tuxguitar-1.2-3.fc14 (2010-15650)
2010-10-20 00:00:00
Fedora 13 : tuxguitar-1.2-3.fc13 (2010-15783)
2010-10-22 00:00:00
Fedora 12 : tuxguitar-1.2-3.fc12 (2010-15765)
2010-10-22 00:00:00
openvas
openvas
Fedora Update for tuxguitar FEDORA-2010-15650
2010-12-02 00:00:00
Fedora Update for tuxguitar FEDORA-2010-15765
2010-10-22 00:00:00
Fedora Update for tuxguitar FEDORA-2010-15783
2010-10-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package tuxguitar version 1.2-alt2
2011-10-11 00:00:00
Security fix for the ALT Linux 6 package tuxguitar version 1.2-alt1.M60P.1
2011-12-05 00:00:00
Security fix for the ALT Linux 5 package tuxguitar version 1.2-alt2
2011-10-11 00:00:00
cve
cve
CVE-2010-3385
2022-10-03 16:20:57
fedora
fedora
[SECURITY] Fedora 14 Update: tuxguitar-1.2-3.fc14
2010-10-19 09:12:44
[SECURITY] Fedora 12 Update: tuxguitar-1.2-3.fc12
2010-10-21 05:57:55
[SECURITY] Fedora 13 Update: tuxguitar-1.2-3.fc13
2010-10-21 06:02:40
cvelist
cvelist
CVE-2010-3385
2022-10-03 16:20:57
nvd
nvd
CVE-2010-3385
2010-10-20 18:00:04
ubuntucve
ubuntucve
CVE-2010-3385
2010-10-20 00:00:00
prion
prion
Directory traversal
2010-10-20 18:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2010-3385