Lucene search
HistoryJun 22, 2011 - 11:55 p.m.
CVE-2011-2533
cve-2011-2533
d-bus
dbus
symlink attack
local users
arbitrary files
security vulnerability
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.
Affected configurations
Node
freedesktopdbusMatch1.2.1
ORfreedesktopdbusMatch1.2.3
ORfreedesktopdbusMatch1.2.4
ORfreedesktopdbusMatch1.2.6
ORfreedesktopdbusMatch1.2.8
ORfreedesktopdbusMatch1.2.10
ORfreedesktopdbusMatch1.2.12
ORfreedesktopdbusMatch1.2.14
ORfreedesktopdbusMatch1.2.16
ORfreedesktopdbusMatch1.2.18
ORfreedesktopdbusMatch1.2.20
ORfreedesktopdbusMatch1.2.22
ORfreedesktopdbusMatch1.2.24
ORfreedesktopdbusMatch1.2.26
Related
ubuntucve
ubuntucve
CVE-2011-2533
2011-06-22 00:00:00
cvelist
cvelist
CVE-2011-2533
2011-06-22 23:00:00
debiancve
debiancve
CVE-2011-2533
2011-06-22 23:55:00
prion
prion
Arbitrary file deletion
2011-06-22 23:55:00
nvd
nvd
CVE-2011-2533
2011-06-22 23:55:00
securityvulns
securityvulns
D-Bus symbolic links vulnerability
2011-10-26 00:00:00
[ GLSA 201110-14 ] D-Bus: Multiple vulnerabilities
2011-10-26 00:00:00
gentoo
gentoo
D-Bus: Multiple vulnerabilities
2011-10-21 00:00:00
nessus
nessus
GLSA-201110-14 : D-Bus: Multiple vulnerabilities
2011-10-24 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201110-14 (D-Bus)
2012-02-12 00:00:00
Gentoo Security Advisory GLSA 201110-14 (D-Bus)
2012-02-12 00:00:00
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2011-2533