Lucene search

[email protected]NVD:CVE-2011-0007

HistoryJan 11, 2011 - 3:00 a.m.

CVE-2011-0007

2011-01-1103:00:05

CWE-59

[email protected]

web.nvd.nist.gov

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

Percentile

5.1%

JSON

pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent.

Affected configurations

Nvd

Node

troglobitpimdMatch2.1.5

VendorProductVersionCPE
troglobitpimd2.1.5cpe:2.3:a:troglobit:pimd:2.1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
troglobit	pimd	2.1.5	cpe:2.3:a:troglobit:pimd:2.1.5:::::::*

References

secunia.com/advisories/42759

secunia.com/advisories/42793

www.debian.org/security/2011/dsa-2147

www.openwall.com/lists/oss-security/2011/01/07/3

www.openwall.com/lists/oss-security/2011/01/07/4

www.osvdb.org/70305

www.securityfocus.com/bid/45715

www.vupen.com/english/advisories/2011/0113

exchange.xforce.ibmcloud.com/vulnerabilities/64528

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2011-0007

openvas3 cve1 prion1 cvelist1 ubuntucve1 debian1 nessus2 securityvulns2 debiancve1 osv1 gentoo1