Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-2709HistoryJun 21, 2012 - 3:55 p.m.
CVE-2011-2709
2012-06-2115:55:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.0004 Low
EPSS
Percentile
5.2%
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libgssglue | < 0.4-1 | libgssglue_0.4-1_all.deb |
| Debian | 11 | all | libgssglue | < 0.4-1 | libgssglue_0.4-1_all.deb |
| Debian | 10 | all | libgssglue | < 0.4-1 | libgssglue_0.4-1_all.deb |
| Debian | 999 | all | libgssglue | < 0.4-1 | libgssglue_0.4-1_all.deb |
| Debian | 13 | all | libgssglue | < 0.4-1 | libgssglue_0.4-1_all.deb |
Related
openvas
openvas
Gentoo Security Advisory GLSA 201209-22 (libgssglue)
2012-10-03 00:00:00
Ubuntu: Security Advisory (USN-1612-1)
2012-10-16 00:00:00
Ubuntu Update for libgssglue USN-1612-1
2012-10-16 00:00:00
nessus
nessus
Fedora 17 : libgssglue-0.4-0.fc17 (2012-7971)
2012-06-18 00:00:00
GLSA-201209-22 : libgssglue: Privilege escalation
2012-09-28 00:00:00
Fedora 16 : libgssglue-0.4-0.fc16 (2012-8067)
2012-06-11 00:00:00
securityvulns
securityvulns
libgssapi / libgssglue privilege escalation
2013-04-09 00:00:00
[ MDVSA-2013:043 ] libgssglue
2013-04-09 00:00:00
ubuntucve
ubuntucve
CVE-2011-2709
2012-06-21 00:00:00
cve
cve
CVE-2011-2709
2012-06-21 15:55:00
fedora
fedora
[SECURITY] Fedora 17 Update: libgssglue-0.4-0.fc17
2012-06-15 12:29:38
[SECURITY] Fedora 16 Update: libgssglue-0.4-0.fc16
2012-06-10 01:35:04
ubuntu
ubuntu
libgssglue vulnerability
2012-10-15 00:00:00
prion
prion
Code injection
2012-06-21 15:55:00
cvelist
cvelist
CVE-2011-2709
2012-06-21 15:00:00
gentoo
gentoo
libgssglue: Privilege escalation
2012-09-28 00:00:00