Lucene search

K
nvd[email protected]NVD:CVE-2011-1089
HistoryApr 10, 2011 - 2:55 a.m.

CVE-2011-1089

2011-04-1002:55:01
CWE-16
web.nvd.nist.gov
7

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:P/A:N

AI Score

8.2

Confidence

High

EPSS

0

Percentile

10.1%

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.

Affected configurations

Nvd
Node
gnuglibcRange2.13
OR
gnuglibcMatch1.00
OR
gnuglibcMatch1.01
OR
gnuglibcMatch1.02
OR
gnuglibcMatch1.03
OR
gnuglibcMatch1.04
OR
gnuglibcMatch1.05
OR
gnuglibcMatch1.06
OR
gnuglibcMatch1.07
OR
gnuglibcMatch1.08
OR
gnuglibcMatch1.09
OR
gnuglibcMatch1.09.1
OR
gnuglibcMatch2.0
OR
gnuglibcMatch2.0.1
OR
gnuglibcMatch2.0.2
OR
gnuglibcMatch2.0.3
OR
gnuglibcMatch2.0.4
OR
gnuglibcMatch2.0.5
OR
gnuglibcMatch2.0.6
OR
gnuglibcMatch2.1
OR
gnuglibcMatch2.1.1
OR
gnuglibcMatch2.1.1.6
OR
gnuglibcMatch2.1.2
OR
gnuglibcMatch2.1.3
OR
gnuglibcMatch2.1.3.10
OR
gnuglibcMatch2.1.9
OR
gnuglibcMatch2.2
OR
gnuglibcMatch2.2.1
OR
gnuglibcMatch2.2.2
OR
gnuglibcMatch2.2.3
OR
gnuglibcMatch2.2.4
OR
gnuglibcMatch2.2.5
OR
gnuglibcMatch2.3
OR
gnuglibcMatch2.3.1
OR
gnuglibcMatch2.3.2
OR
gnuglibcMatch2.3.3
OR
gnuglibcMatch2.3.4
OR
gnuglibcMatch2.3.5
OR
gnuglibcMatch2.3.6
OR
gnuglibcMatch2.3.10
OR
gnuglibcMatch2.4
OR
gnuglibcMatch2.5
OR
gnuglibcMatch2.5.1
OR
gnuglibcMatch2.6
OR
gnuglibcMatch2.6.1
OR
gnuglibcMatch2.7
OR
gnuglibcMatch2.8
OR
gnuglibcMatch2.9
OR
gnuglibcMatch2.10
OR
gnuglibcMatch2.10.1
OR
gnuglibcMatch2.10.2
OR
gnuglibcMatch2.11
OR
gnuglibcMatch2.11.1
OR
gnuglibcMatch2.11.2
OR
gnuglibcMatch2.11.3
OR
gnuglibcMatch2.12.0
OR
gnuglibcMatch2.12.1
OR
gnuglibcMatch2.12.2
VendorProductVersionCPE
gnuglibc*cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
gnuglibc1.00cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*
gnuglibc1.01cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*
gnuglibc1.02cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*
gnuglibc1.03cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*
gnuglibc1.04cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*
gnuglibc1.05cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*
gnuglibc1.06cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*
gnuglibc1.07cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*
gnuglibc1.08cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*
Rows per page:
1-10 of 581

References

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:P/A:N

AI Score

8.2

Confidence

High

EPSS

0

Percentile

10.1%