Lucene search
HistoryJul 02, 2001 - 4:00 a.m.
CVE-2001-0424
cve-2001-0424
bubblemon 1.31
privilege misuse
nvd
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.
Affected configurations
Node
timecopbubblemonMatch1.0
ORtimecopbubblemonMatch1.0pl1
ORtimecopbubblemonMatch1.0pl2
ORtimecopbubblemonMatch1.0pl3
ORtimecopbubblemonMatch1.0pl4
ORtimecopbubblemonMatch1.0pl6
ORtimecopbubblemonMatch1.0pl7
ORtimecopbubblemonMatch1.0pl8
ORtimecopbubblemonMatch1.0pl9
ORtimecopbubblemonMatch1.1
ORtimecopbubblemonMatch1.1test1
ORtimecopbubblemonMatch1.1test2
ORtimecopbubblemonMatch1.1test3
ORtimecopbubblemonMatch1.1test4
ORtimecopbubblemonMatch1.1test5
ORtimecopbubblemonMatch1.1test6
ORtimecopbubblemonMatch1.1test7
ORtimecopbubblemonMatch1.2
ORtimecopbubblemonMatch1.2test1
ORtimecopbubblemonMatch1.3
ORtimecopbubblemonMatch1.21
ORtimecopbubblemonMatch1.21test1
ORtimecopbubblemonMatch1.22
ORtimecopbubblemonMatch1.23
ORtimecopbubblemonMatch1.31
Node
freebsdfreebsdMatch6.2stable
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
Related for CVE-2001-0424