Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-4454HistoryOct 10, 2012 - 6:55 p.m.
CVE-2012-4454
2012-10-1018:55:04
Debian Security Bug Tracker
security-tracker.debian.org
7
2.9 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
10.2%
openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | opencryptoki | < 3.4.1+dfsg-1 | opencryptoki_3.4.1+dfsg-1_all.deb |
| Debian | 11 | all | opencryptoki | < 3.4.1+dfsg-1 | opencryptoki_3.4.1+dfsg-1_all.deb |
| Debian | 999 | all | opencryptoki | < 3.4.1+dfsg-1 | opencryptoki_3.4.1+dfsg-1_all.deb |
| Debian | 13 | all | opencryptoki | < 3.4.1+dfsg-1 | opencryptoki_3.4.1+dfsg-1_all.deb |
Related
cvelist
cvelist
CVE-2012-4454
2012-10-10 18:00:00
nvd
nvd
CVE-2012-4454
2012-10-10 18:55:04
prion
prion
Code injection
2012-10-10 18:55:00
cve
cve
CVE-2012-4454
2012-10-10 18:55:04
ubuntucve
ubuntucve
CVE-2012-4454
2012-10-10 00:00:00
nessus
nessus
SuSE 11.2 Security Update : openCryptoki (SAT Patch Number 7053)
2013-01-25 00:00:00
RHEL 5 : opencryptoki (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 4 : opencryptoki (Unpatched Vulnerability)
2024-06-03 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:1705-1)
2021-06-09 00:00:00
2.9 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
10.2%
Related for DEBIANCVE:CVE-2012-4454