Lucene search

K

Gentoo FoundationMGASA-2015-0239

HistoryMay 27, 2015 - 7:57 p.m.

Updated fuse packages fix CVE-2015-3202

2015-05-2719:57:52

Gentoo Foundation

advisories.mageia.org

13

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

Updated fuse packages fix security vulnerability: Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges (CVE-2015-3202).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchfuse< 2.9.3-2.1fuse-2.9.3-2.1.mga4

References

www.ubuntu.com/usn/usn-2617-1/

bugs.mageia.org/show_bug.cgi?id=16016

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

Related for MGASA-2015-0239

nessus26 exploitpack1 openvas26 fedora6 ubuntu3 securityvulns2 debian9 prion1 osv4 ubuntucve1 amazon1 gentoo2 debiancve1 zdt1 ibm1 packetstorm1 cve1 exploitdb1 rosalinux1