3.6

CVE-2011-1784

EPSS 0.05%
Published 20.05.2011 22:55:04
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Keepalived ≫ Keepalived Version <= 1.2.2

Keepalived ≫ Keepalived Version0.2.1

Keepalived ≫ Keepalived Version0.2.3

Keepalived ≫ Keepalived Version0.2.6

Keepalived ≫ Keepalived Version0.2.7

Keepalived ≫ Keepalived Version0.3.5

Keepalived ≫ Keepalived Version0.3.6

Keepalived ≫ Keepalived Version0.3.7

Keepalived ≫ Keepalived Version0.3.8

Keepalived ≫ Keepalived Version0.4.8

Keepalived ≫ Keepalived Version0.4.9

Keepalived ≫ Keepalived Version0.4.9a

Keepalived ≫ Keepalived Version0.5.3

Keepalived ≫ Keepalived Version0.5.5

Keepalived ≫ Keepalived Version0.5.6

Keepalived ≫ Keepalived Version0.5.7

Keepalived ≫ Keepalived Version0.5.8

Keepalived ≫ Keepalived Version0.5.9

Keepalived ≫ Keepalived Version0.6.1

Keepalived ≫ Keepalived Version0.6.2

Keepalived ≫ Keepalived Version0.6.3

Keepalived ≫ Keepalived Version0.6.4

Keepalived ≫ Keepalived Version0.6.5

Keepalived ≫ Keepalived Version0.6.6

Keepalived ≫ Keepalived Version0.6.7

Keepalived ≫ Keepalived Version0.6.8

Keepalived ≫ Keepalived Version0.6.9

Keepalived ≫ Keepalived Version0.6.10

Keepalived ≫ Keepalived Version0.7.1

Keepalived ≫ Keepalived Version0.7.6

Keepalived ≫ Keepalived Version1.0.0

Keepalived ≫ Keepalived Version1.0.1

Keepalived ≫ Keepalived Version1.0.2

Keepalived ≫ Keepalived Version1.0.3

Keepalived ≫ Keepalived Version1.1.0

Keepalived ≫ Keepalived Version1.1.1

Keepalived ≫ Keepalived Version1.1.2

Keepalived ≫ Keepalived Version1.1.3

Keepalived ≫ Keepalived Version1.1.4

Keepalived ≫ Keepalived Version1.1.5

Keepalived ≫ Keepalived Version1.1.6

Keepalived ≫ Keepalived Version1.1.7

Keepalived ≫ Keepalived Version1.1.8

Keepalived ≫ Keepalived Version1.1.9

Keepalived ≫ Keepalived Version1.1.10

Keepalived ≫ Keepalived Version1.1.11

Keepalived ≫ Keepalived Version1.1.12

Keepalived ≫ Keepalived Version1.1.13

Keepalived ≫ Keepalived Version1.1.14

Keepalived ≫ Keepalived Version1.1.15

Keepalived ≫ Keepalived Version1.1.16

Keepalived ≫ Keepalived Version1.1.17

Keepalived ≫ Keepalived Version1.1.18

Keepalived ≫ Keepalived Version1.1.19

Keepalived ≫ Keepalived Version1.1.20

Keepalived ≫ Keepalived Version1.2.0

Keepalived ≫ Keepalived Version1.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.111

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	3.6	3.9	4.9	AV:L/AC:L/Au:N/C:N/I:P/A:P

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626281

http://lists.debian.org/debian-security/2011/05/msg00012.html

http://lists.debian.org/debian-security/2011/05/msg00013.html

http://lists.debian.org/debian-security/2011/05/msg00018.html

http://openwall.com/lists/oss-security/2011/05/10/5

http://openwall.com/lists/oss-security/2011/05/16/7

http://secunia.com/advisories/44460

Vendor Advisory

http://www.osvdb.org/72380

http://www.securityfocus.com/bid/47859

https://bugzilla.redhat.com/show_bug.cgi?id=704039

https://exchange.xforce.ibmcloud.com/vulnerabilities/67477

https://nvd.nist.gov/vuln/detail/CVE-2011-1784

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1784

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1784

EUVD