Lucene search

K

PRIOn knowledge basePRION:CVE-2011-3870

HistoryOct 27, 2011 - 8:55 p.m.

Design/Logic Flaw

2011-10-2720:55:00

PRIOn knowledge base

www.prio-n.com

2

6.5 Medium

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.

CPENameOperatorVersion
puppeteq2.6.0
puppeteq2.6.1
puppeteq2.6.2
puppeteq2.6.3
puppeteq2.6.4
puppeteq2.6.5
puppeteq2.6.6
puppeteq2.6.7
puppeteq2.6.8
puppeteq2.6.9

Rows per page:

1-10 of 231

References

secunia.com/advisories/46458

www.debian.org/security/2011/dsa-2314

www.ubuntu.com/usn/USN-1223-1

www.ubuntu.com/usn/USN-1223-2

groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb

lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html

lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html

lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html

puppet.com/security/cve/cve-2011-3870

6.5 Medium

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

Related for PRION:CVE-2011-3870

debiancve1 github1 cve1 ubuntucve1 osv2 nessus11 openvas23 ubuntu2 fedora7 amazon1 securityvulns2 debian2 gentoo1