Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-2495
HistoryJun 13, 2012 - 10:24 a.m.

CVE-2011-2495

2012-06-1310:24:55
CWE-264
[email protected]
web.nvd.nist.gov
7

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

5.1%

JSON

fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user’s password.

Affected configurations

Nvd
Node
linuxlinux_kernelRange2.6.39.3
OR
linuxlinux_kernelMatch2.6.39
OR
linuxlinux_kernelMatch2.6.39rc1
OR
linuxlinux_kernelMatch2.6.39rc2
OR
linuxlinux_kernelMatch2.6.39rc3
OR
linuxlinux_kernelMatch2.6.39rc4
OR
linuxlinux_kernelMatch2.6.39rc5
OR
linuxlinux_kernelMatch2.6.39rc6
OR
linuxlinux_kernelMatch2.6.39rc7
OR
linuxlinux_kernelMatch2.6.39.1
OR
linuxlinux_kernelMatch2.6.39.2
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:*:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc6:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc7:*:*:*:*:*:*
linuxlinux_kernel2.6.39.1cpe:2.3:o:linux:linux_kernel:2.6.39.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

veracode 1
cve 1
ubuntucve 1
prion 1
cvelist 1
ubuntu 12
openvas 41
nessus 33
suse 4
centos 1
redhat 4
oraclelinux 5
securityvulns 3
debian 3
osv 2
vmware 2
veracode
veracode
Information Disclosure
2020-04-10 01:01:29
cve
cve
CVE-2011-2495
2012-06-13 10:24:55
ubuntucve
ubuntucve
CVE-2011-2495
2011-10-03 00:00:00
prion
prion
Design/Logic Flaw
2012-06-13 10:24:00
cvelist
cvelist
CVE-2011-2495
2012-06-13 10:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-10-20 00:00:00
Linux (Natty backport) vulnerabilities
2011-11-24 00:00:00
Linux kernel vulnerabilities
2011-11-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1236-1)
2011-10-21 00:00:00
Ubuntu Update for linux USN-1236-1
2011-10-21 00:00:00
CentOS Update for kernel CESA-2011:1212 centos5 i386
2011-09-23 00:00:00
nessus
nessus
Ubuntu 8.04 LTS : linux vulnerabilities (USN-1236-1)
2011-10-21 00:00:00
RHEL 5 : kernel (RHSA-2011:1212)
2011-09-07 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
2012-08-01 00:00:00
suse
suse
kernel update for SLE11 SP1 (important)
2011-09-01 17:08:16
kernel update for SLE11 SP1 (important)
2011-09-02 14:08:13
local kernel information leak in kernel
2011-09-01 17:07:40
centos
centos
kernel security update
2011-09-08 23:40:55
redhat
redhat
(RHSA-2011:1212) Important: kernel security and bug fix update
2011-09-06 00:00:00
(RHSA-2011:1813) Important: kernel security and bug fix update
2011-12-13 00:00:00
(RHSA-2011:1189) Important: kernel security, bug fix, and enhancement update
2011-08-23 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2011-09-07 00:00:00
Unbreakable Enterprise kernel security and bug fix update
2011-08-24 00:00:00
Unbreakable Enterprise kernel security and bug fix update
2011-12-14 00:00:00
securityvulns
securityvulns
[USN-1281-1] Linux (OMAP4) vulnerabilities
2011-11-27 00:00:00
Linux kernel multiple security vulnerabilities
2011-11-27 00:00:00
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-13 00:00:00
debian
debian
[SECURITY] [DSA 2310-1] linux-2.6 security update
2011-09-22 22:48:48
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-11 02:06:57
[SECURITY] [DSA 2303-1] linux-2.6 security update
2011-09-08 21:31:02
osv
osv
linux-2.6 - several issues
2011-09-22 00:00:00
linux-2.6 - several issues
2011-09-10 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2011-2495
veracode1cve1ubuntucve1prion1cvelist1ubuntu12openvas41nessus33suse4centos1redhat4oraclelinux5securityvulns3debian3osv2vmware2