7.2

CVE-2001-0872

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenssh Version <= 3.0.1
RedhatLinux Version7.0
RedhatLinux Version7.1
RedhatLinux Version7.2
SuseSuse Linux Version6.4
SuseSuse Linux Version7.0
SuseSuse Linux Version7.1
SuseSuse Linux Version7.2
SuseSuse Linux Version7.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.87% 0.541
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000446
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092
http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=100749779131514&w=2
http://marc.info/?l=openssh-unix-dev&m=100747128105913&w=2
http://www.ciac.org/ciac/bulletins/m-026.shtml
http://www.debian.org/security/2001/dsa-091
http://www.kb.cert.org/vuls/id/157447
US Government Resource
http://www.osvdb.org/688
http://www.redhat.com/support/errata/RHSA-2001-161.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/3614
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0112-005
https://exchange.xforce.ibmcloud.com/vulnerabilities/7647