CVE-2010-3387

2010-10-2018:00:04

Debian Security Bug Tracker

security-tracker.debian.org

vdr

1.6.0

cve-2010-3387

local privilege escalation

unix

shared library

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a semicolon in a context where a colon was intended

OSVersionArchitecturePackageVersionFilename
Debian12allvdr< 1.6.0-19.1vdr_1.6.0-19.1_all.deb
Debian11allvdr< 1.6.0-19.1vdr_1.6.0-19.1_all.deb
Debian999allvdr< 1.6.0-19.1vdr_1.6.0-19.1_all.deb
Debian13allvdr< 1.6.0-19.1vdr_1.6.0-19.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	vdr	< 1.6.0-19.1	vdr_1.6.0-19.1_all.deb
Debian	11	all	vdr	< 1.6.0-19.1	vdr_1.6.0-19.1_all.deb
Debian	999	all	vdr	< 1.6.0-19.1	vdr_1.6.0-19.1_all.deb
Debian	13	all	vdr	< 1.6.0-19.1	vdr_1.6.0-19.1_all.deb