6.2
CVE-2011-0532
- EPSS 0.28%
- Veröffentlicht 23.02.2011 19:00:01
- Zuletzt bearbeitet 16.06.2026 23:27:34
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fedoraproject ≫ 389 Directory Server Version1.2.1
Fedoraproject ≫ 389 Directory Server Version1.2.2
Fedoraproject ≫ 389 Directory Server Version1.2.3
Fedoraproject ≫ 389 Directory Server Version1.2.5
Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc1
Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc2
Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc3
Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc4
Fedoraproject ≫ 389 Directory Server Version1.2.6
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updatea2
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updatea3
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updatea4
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc1
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc2
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc3
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc6
Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc7
Fedoraproject ≫ 389 Directory Server Version1.2.6.1
Fedoraproject ≫ 389 Directory Server Version1.2.7 Updatealpha3
Fedoraproject ≫ 389 Directory Server Version1.2.7.5
Fedoraproject ≫ 389 Directory Server Version1.2.8 Updatealpha1
Fedoraproject ≫ 389 Directory Server Version1.2.8 Updatealpha2
Redhat ≫ Directory Server Version8.2
Redhat ≫ Directory Server Version8.2.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.199 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.2 | 1.9 | 10 |
AV:L/AC:H/Au:N/C:C/I:C/A:C
|
http://www.redhat.com/support/errata/RHSA-2011-0293.html
http://www.securityfocus.com/bid/46489
http://www.securitytracker.com/id?1025102
https://bugzilla.redhat.com/show_bug.cgi?id=672468
https://exchange.xforce.ibmcloud.com/vulnerabilities/65637