Lucene search
Ubuntu.comUB:CVE-2012-3380HistoryAug 31, 2012 - 12:00 a.m.
CVE-2012-3380
2012-08-3100:00:00
ubuntu.com
ubuntu.com
10
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS
0
Percentile
5.1%
Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi
module before 0.46-1 for Nginx allows local users to read arbitrary files
via unspecified vectors.
Bugs
Notes
| Author | Note |
|---|---|
| tyhicks | Per Debian, naxsi package was introduced in 1.1.18-1 |
| mdeslaur | precise and earlier don’t ship naxsi-ui in any binary package, which is the vulnerable part. |
Related
debiancve
debiancve
CVE-2012-3380
2012-08-31 18:55:03
cve
cve
CVE-2012-3380
2012-08-31 18:55:03
prion
prion
Directory traversal
2012-08-31 18:55:00
cvelist
cvelist
CVE-2012-3380
2012-08-31 18:00:00
nvd
nvd
CVE-2012-3380
2012-08-31 18:55:03
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS
0
Percentile
5.1%
Related for UB:CVE-2012-3380