Directory traversal

2011-02-2319:00:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

CPENameOperatorVersion
389_directory_servereq1.2.5 rc4
389_directory_servereq1.2.3
389_directory_servereq1.2.5 rc1
389_directory_servereq1.2.6 rc3
389_directory_servereq1.2.6 a3
389_directory_servereq1.2.6 rc1
389_directory_servereq1.2.7.5
389_directory_servereq1.2.1
389_directory_servereq1.2.2
389_directory_servereq1.2.5

Name	Operator	Version
389_directory_server	eq	1.2.5 rc4
389_directory_server	eq	1.2.3
389_directory_server	eq	1.2.5 rc1
389_directory_server	eq	1.2.6 rc3
389_directory_server	eq	1.2.6 a3
389_directory_server	eq	1.2.6 rc1
389_directory_server	eq	1.2.7.5
389_directory_server	eq	1.2.1
389_directory_server	eq	1.2.2
389_directory_server	eq	1.2.5