Lucene search

K

Ubuntu.comUB:CVE-2014-3215

HistoryMay 08, 2014 - 12:00 a.m.

CVE-2014-3215

2014-05-0800:00:00

ubuntu.com

ubuntu.com

14

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions,
and executes programs in a way that changes the relationship between the
setuid system call and the getresuid saved set-user-ID value, which makes
it easier for local users to gain privileges by leveraging a program that
mistakenly expected that it could permanently drop privileges.

References

openwall.com/lists/oss-security/2014/04/29/7

openwall.com/lists/oss-security/2014/04/30/4

openwall.com/lists/oss-security/2014/05/08/1

launchpad.net/bugs/cve/CVE-2014-3215

nvd.nist.gov/vuln/detail/CVE-2014-3215

security-tracker.debian.org/tracker/CVE-2014-3215

www.cve.org/CVERecord?id=CVE-2014-3215

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

Related for UB:CVE-2014-3215

nessus23 f52 amazon2 securityvulns2 debiancve1 gentoo1 openvas12 prion1 rosalinux1 cve1 mageia1 oraclelinux6 centos1 redhat1