CVE-2011-3603

EPSS 0.06%
Published 27.04.2014 21:55:05
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Litech ≫ Router Advertisement Daemon Version <= 1.8.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.163

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.litech.org/radvd/CHANGES

http://www.openwall.com/lists/oss-security/2011/10/06/3

https://access.redhat.com/security/cve/CVE-2011-3603

https://nvd.nist.gov/vuln/detail/CVE-2011-3603

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-3603

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-3603

EUVD