Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2011-0532
HistoryFeb 23, 2011 - 7:00 p.m.

CVE-2011-0532

2011-02-2319:00:01
CWE-264
redhat
web.nvd.nist.gov
35
cve-2011-0532
389 directory server
ld_library_path
privilege escalation
security vulnerability

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Affected configurations

Nvd
Node
fedoraproject389_directory_serverMatch1.2.1
OR
fedoraproject389_directory_serverMatch1.2.2
OR
fedoraproject389_directory_serverMatch1.2.3
OR
fedoraproject389_directory_serverMatch1.2.5
OR
fedoraproject389_directory_serverMatch1.2.5rc1
OR
fedoraproject389_directory_serverMatch1.2.5rc2
OR
fedoraproject389_directory_serverMatch1.2.5rc3
OR
fedoraproject389_directory_serverMatch1.2.5rc4
OR
fedoraproject389_directory_serverMatch1.2.6
OR
fedoraproject389_directory_serverMatch1.2.6a2
OR
fedoraproject389_directory_serverMatch1.2.6a3
OR
fedoraproject389_directory_serverMatch1.2.6a4
OR
fedoraproject389_directory_serverMatch1.2.6rc1
OR
fedoraproject389_directory_serverMatch1.2.6rc2
OR
fedoraproject389_directory_serverMatch1.2.6rc3
OR
fedoraproject389_directory_serverMatch1.2.6rc6
OR
fedoraproject389_directory_serverMatch1.2.6rc7
OR
fedoraproject389_directory_serverMatch1.2.6.1
OR
fedoraproject389_directory_serverMatch1.2.7alpha3
OR
fedoraproject389_directory_serverMatch1.2.7.5
OR
fedoraproject389_directory_serverMatch1.2.8alpha1
OR
fedoraproject389_directory_serverMatch1.2.8alpha2
Node
redhatdirectory_serverMatch8.2
OR
redhatdirectory_serverMatch8.2.3
VendorProductVersionCPE
fedoraproject389_directory_server1.2.1cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.2cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.3cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*
fedoraproject389_directory_server1.2.6cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.6cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*
Rows per page:
1-10 of 241

Related

prion 1
nvd 1
veracode 1
cvelist 1
redhat 1
prion
prion
Directory traversal
2011-02-23 19:00:00
nvd
nvd
CVE-2011-0532
2011-02-23 19:00:01
veracode
veracode
Privilege Escalation
2020-04-10 01:01:44
cvelist
cvelist
CVE-2011-0532
2011-02-23 18:00:00
redhat
redhat
(RHSA-2011:0293) Moderate: Red Hat Directory Server security update
2011-02-22 00:00:00

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2011-0532
prion1nvd1veracode1cvelist1redhat1