CVE-2010-4001

2010-11-0600:00:00

ubuntu.com

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

JSON

DISPUTED GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length
directory name in the LD_LIBRARY_PATH, which allows local users to gain
privileges via a Trojan horse shared library in the current working
directory. NOTE: CVE disputes this issue because the GMXLDLIB value is
always added to the beginning of LD_LIBRARY_PATH at a later point in the
script.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchgromacs< anyUNKNOWN
ubuntu20.04noarchgromacs< anyUNKNOWN
ubuntu22.04noarchgromacs< anyUNKNOWN
ubuntu23.10noarchgromacs< anyUNKNOWN
ubuntu24.04noarchgromacs< anyUNKNOWN
ubuntu16.04noarchgromacs< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	gromacs	< any	UNKNOWN
ubuntu	20.04	noarch	gromacs	< any	UNKNOWN
ubuntu	22.04	noarch	gromacs	< any	UNKNOWN
ubuntu	23.10	noarch	gromacs	< any	UNKNOWN
ubuntu	24.04	noarch	gromacs	< any	UNKNOWN
ubuntu	16.04	noarch	gromacs	< any	UNKNOWN