6.9
CVE-2010-3361
- EPSS 0.38%
- Veröffentlicht 20.10.2010 18:00:03
- Zuletzt bearbeitet 16.06.2026 23:22:38
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Shrew ≫ Vpn Client Version2.1.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.295 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.9 | 3.4 | 10 |
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598292
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598293