Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-2945HistoryAug 30, 2010 - 8:00 p.m.
CVE-2010-2945
2010-08-3020:00:02
Debian Security Bug Tracker
security-tracker.debian.org
18
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | slim | < 1.3.1-7 | slim_1.3.1-7_all.deb |
| Debian | 11 | all | slim | < 1.3.1-7 | slim_1.3.1-7_all.deb |
| Debian | 999 | all | slim | < 1.3.1-7 | slim_1.3.1-7_all.deb |
| Debian | 13 | all | slim | < 1.3.1-7 | slim_1.3.1-7_all.deb |
Related
nessus
nessus
Fedora 12 : slim-1.3.2-2.fc12 (2010-13897)
2010-09-09 00:00:00
Fedora 13 : slim-1.3.2-2.fc13 (2010-13890)
2010-09-09 00:00:00
Fedora 14 : slim-1.3.2-2.fc14 (2010-13843)
2010-09-09 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: slim-1.3.2-2.fc14
2010-09-09 04:35:36
[SECURITY] Fedora 12 Update: slim-1.3.2-2.fc12
2010-09-09 01:15:33
[SECURITY] Fedora 13 Update: slim-1.3.2-2.fc13
2010-09-09 01:25:39
cve
cve
CVE-2010-2945
2010-08-30 20:00:02
nvd
nvd
CVE-2010-2945
2010-08-30 20:00:02
openvas
openvas
FreeBSD Ports: slim
2010-08-21 00:00:00
FreeBSD Ports: slim
2010-08-21 00:00:00
Fedora Update for slim FEDORA-2010-13843
2010-12-02 00:00:00
prion
prion
Default configuration
2010-08-30 20:00:00
freebsd
freebsd
slim -- insecure PATH assignment
2010-05-12 00:00:00
ubuntucve
ubuntucve
CVE-2010-2945
2010-08-30 00:00:00
cvelist
cvelist
CVE-2010-2945
2010-08-30 19:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2010-2945