Lucene search

[email protected]CVE-2011-0468

HistoryApr 04, 2011 - 12:27 p.m.

CVE-2011-0468

2011-04-0412:27:36

CWE-264

[email protected]

web.nvd.nist.gov

aaa_base

privileges

shell metacharacters

filename

tab expansion

suse opensuse 11.3

opensuse 11.4

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion.

Affected configurations

NVD

Node

opensuseopensuseMatch11.3

opensuseopensuseMatch11.4

CPENameOperatorVersion
opensuse:opensuseopensuseeq11.3
opensuse:opensuseopensuseeq11.4

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	11.3
opensuse:opensuse	opensuse	eq	11.4

References

lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

lists.opensuse.org/opensuse-updates/2011-03/msg00010.html

secunia.com/advisories/43825

support.novell.com/security/cve/CVE-2011-0468.html

www.osvdb.org/71253

www.securityfocus.com/bid/46983

bugzilla.novell.com/678827

exchange.xforce.ibmcloud.com/vulnerabilities/66245

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2011-0468

nvd1 nessus2 prion1 cvelist1