Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-3364
HistoryNov 04, 2011 - 9:55 p.m.

CVE-2011-3364

2011-11-0421:55:03
[email protected]
web.nvd.nist.gov
5

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.

Affected configurations

Nvd
Node
gnomeifcfg-rh_plug-in
OR
gnomenetworkmanagerMatch0.8.1
OR
gnomenetworkmanagerMatch0.9.0
OR
gnomenetworkmanagerMatch0.9.1

Related

nessus 7
redhat 1
openvas 9
debiancve 1
ubuntucve 1
oraclelinux 1
cvelist 1
cve 1
prion 1
fedora 3
veracode 1
nessus
nessus
Oracle Linux 6 : NetworkManager (ELSA-2011-1338)
2013-07-12 00:00:00
Scientific Linux Security Update : NetworkManager on SL6.x i386/x86_64
2012-08-01 00:00:00
RHEL 6 : NetworkManager (RHSA-2011:1338)
2011-09-27 00:00:00
redhat
redhat
(RHSA-2011:1338) Moderate: NetworkManager security update
2011-09-26 00:00:00
openvas
openvas
Fedora Update for NetworkManager FEDORA-2011-13401
2011-10-10 00:00:00
Fedora Update for NetworkManager FEDORA-2011-13425
2012-04-02 00:00:00
RedHat Update for NetworkManager RHSA-2011:1338-01
2012-07-09 00:00:00
debiancve
debiancve
CVE-2011-3364
2011-11-04 21:55:03
ubuntucve
ubuntucve
CVE-2011-3364
2011-11-04 00:00:00
oraclelinux
oraclelinux
NetworkManager security update
2011-09-26 00:00:00
cvelist
cvelist
CVE-2011-3364
2011-11-04 21:00:00
cve
cve
CVE-2011-3364
2011-11-04 21:55:03
prion
prion
Design/Logic Flaw
2011-11-04 21:55:00
fedora
fedora
[SECURITY] Fedora 16 Update: NetworkManager-0.9.1.90-3.git20110927.fc16
2011-09-30 19:31:09
[SECURITY] Fedora 14 Update: NetworkManager-0.8.5.92-1.git20110927.fc14
2011-10-08 18:02:34
[SECURITY] Fedora 15 Update: NetworkManager-0.9.1.90-1.git20110927.fc15
2011-09-29 23:30:32
veracode
veracode
Privilege Escalation
2020-04-10 01:05:41

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2011-3364
nessus7redhat1openvas9debiancve1ubuntucve1oraclelinux1cvelist1cve1prion1fedora3veracode1