Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-3889
HistoryNov 16, 2009 - 12:00 a.m.

CVE-2009-3889

2009-11-1600:00:00
ubuntu.com
ubuntu.com
14

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

EPSS

0

Percentile

10.1%

The dbg_lvl file for the megaraid_sas driver in the Linux kernel before
2.6.27 has world-writable permissions, which allows local users to change
the (1) behavior and (2) logging level of the driver by modifying this
file.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-26.64UNKNOWN

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

EPSS

0

Percentile

10.1%