7.2

CVE-2001-1374

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Don LibesExpect Version0
Don LibesExpect Version1
Don LibesExpect Version2
Don LibesExpect Version3
Don LibesExpect Version4
Don LibesExpect Version5.0
Don LibesExpect Version5.1
Don LibesExpect Version5.2
Don LibesExpect Version5.3
Don LibesExpect Version5.4
Don LibesExpect Version5.5
Don LibesExpect Version5.6
Don LibesExpect Version5.7
Don LibesExpect Version5.8
Don LibesExpect Version5.9
Don LibesExpect Version5.10
Don LibesExpect Version5.11
Don LibesExpect Version5.12
Don LibesExpect Version5.13
Don LibesExpect Version5.14
Don LibesExpect Version5.15
Don LibesExpect Version5.16
Don LibesExpect Version5.17
Don LibesExpect Version5.18
Don LibesExpect Version5.19
Don LibesExpect Version5.20
Don LibesExpect Version5.21
Don LibesExpect Version5.22
Don LibesExpect Version5.23
Don LibesExpect Version5.24
Don LibesExpect Version5.25
Don LibesExpect Version5.26
Don LibesExpect Version5.27
Don LibesExpect Version5.28
Don LibesExpect Version5.29
Don LibesExpect Version5.30
Don LibesExpect Version5.31
ConectivaLinux Version6.0
ConectivaLinux Version7.0
RedhatLinux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.37% 0.287
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060
http://www.redhat.com/support/errata/RHSA-2002-148.html
http://www.securityfocus.com/bid/3074
Patch
Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224
https://exchange.xforce.ibmcloud.com/vulnerabilities/6870