Lucene search
HistoryAug 26, 2012 - 7:55 p.m.
CVE-2012-3485
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0.002
Percentile
57.0%
Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Affected configurations
Node
googletunnelblickRange≤3.3beta20
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tunnelblick | * | cpe:2.3:a:google:tunnelblick:*:*:*:*:*:*:*:* |
Related
d2
d2
DSquare Exploit Pack: D2SEC_TUNNELBLICK
2012-08-26 19:55:00
metasploit
metasploit
Setuid Tunnelblick Privilege Escalation
2013-03-03 18:48:12
cvelist
cvelist
CVE-2012-3485
2012-08-26 19:00:00
CVE-2012-4676
2012-08-26 19:00:00
exploitdb
exploitdb
Tunnelblick - Setuid Privilege Escalation (Metasploit)
2013-03-05 00:00:00
Tunnelblick - Local Privilege Escalation (2)
2012-08-11 00:00:00
cve
cve
CVE-2012-3485
2012-08-26 19:55:02
CVE-2012-4676
2012-08-26 19:55:02
zdt
zdt
Setuid Tunnelblick Privilege Escalation Vulnerability
2013-03-05 00:00:00
packetstorm
packetstorm
Setuid Tunnelblick Privilege Escalation
2013-03-05 00:00:00
prion
prion
Code injection
2012-08-26 19:55:00
Hardcoded credentials
2012-08-26 19:55:00
nvd
nvd
CVE-2012-4676
2012-08-26 19:55:02
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0.002
Percentile
57.0%
Related for NVD:CVE-2012-3485