Lucene search
HistoryOct 20, 2010 - 6:00 p.m.
CVE-2010-3384
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Affected configurations
Node
bernhard_wymanntorcsMatch1.3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bernhard_wymann | torcs | 1.3.1 | cpe:2.3:a:bernhard_wymann:torcs:1.3.1:*:*:*:*:*:*:* |
Related
openvas
openvas
FreeBSD Ports: torcs
2012-02-12 00:00:00
FreeBSD Ports: torcs
2012-02-12 00:00:00
prion
prion
Directory traversal
2010-10-20 18:00:00
debiancve
debiancve
CVE-2010-3384
2010-10-20 18:00:04
cve
cve
CVE-2010-3384
2010-10-20 18:00:04
nessus
nessus
freebsd
freebsd
torcs -- untrusted local library loading
2010-10-20 00:00:00
cvelist
cvelist
CVE-2010-3384
2010-10-20 17:00:00
ubuntucve
ubuntucve
CVE-2010-3384
2010-10-20 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2010-3384