9.8

CVE-2012-1187

Bitlbee does not drop extra group privileges correctly in unix.c
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BitlbeeBitlbee Version3.0.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.65% 0.734
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-273 Improper Check for Dropped Privileges

The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

https://access.redhat.com/security/cve/cve-2012-1187
Broken Link
https://bugs.bitlbee.org/ticket/852
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187
Third Party Advisory
Issue Tracking
https://security-tracker.debian.org/tracker/CVE-2012-1187
Third Party Advisory