Описание
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Exploit
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Exploit
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:sun:xvm_virtualbox:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.0.6r39760:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.1.4r42893:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00348
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-59
Связанные уязвимости
debian
почти 17 лет назад
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and ...
github
почти 4 года назад
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
EPSS
Процентиль: 57%
0.00348
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-59