Lucene search
Ubuntu.comUB:CVE-2009-3286HistorySep 22, 2009 - 12:00 a.m.
CVE-2009-3286
2009-09-2200:00:00
ubuntu.com
ubuntu.com
17
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
10.1%
NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not
properly clean up an inode when an O_EXCL create fails, which causes files
to be created with insecure settings such as setuid bits, and possibly
allows local users to gain privileges, related to the execution of the
do_open_permission function even when a create fails.
Bugs
Related
prion
prion
Design/Logic Flaw
2009-09-22 10:30:00
veracode
veracode
Privilege Escalation
2020-04-10 00:39:05
cvelist
cvelist
CVE-2009-3286
2009-09-22 10:00:00
seebug
seebug
Linux Kernel O_EXCL NFSv4本地权限提升漏洞
2009-09-23 00:00:00
nvd
nvd
CVE-2009-3286
2009-09-22 10:30:00
cve
cve
CVE-2009-3286
2009-09-22 10:30:00
openvas
openvas
CentOS Update for kernel CESA-2009:1548 centos5 i386
2011-08-09 00:00:00
CentOS Update for kernel CESA-2009:1548 centos5 i386
2011-08-09 00:00:00
CentOS Security Advisory CESA-2009:1548 (kernel)
2009-11-11 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-11-03 00:00:00
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2010-04-05 00:00:00
redhat
redhat
(RHSA-2009:1548) Important: kernel security and bug fix update
2009-11-03 00:00:00
(RHSA-2009:1692) Important: rhev-hypervisor security and bug fix update
2009-12-23 00:00:00
nessus
nessus
OracleVM 2.2 : kernel (OVMSA-2009-0033)
2014-11-26 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
2013-03-06 00:00:00
centos
centos
kernel security update
2009-11-04 19:57:14
osv
osv
linux-2.6 - several vulnerabilities
2009-10-22 00:00:00
linux-2.6 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
suse
suse
remote denial of service in kernel
2009-12-02 17:15:31
local privilege escalation, remote denial of in kernel
2010-02-15 16:54:24
securityvulns
securityvulns
debian
debian
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
10.1%
Related for UB:CVE-2009-3286