Описание
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
Ссылки
- Vendor Advisory
- Patch
- Vendor Advisory
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mandriva:multi_network_firewall:2.0:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2008.0:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2008.0:-:x86_64:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2008.1:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2008.1:-:x86_64:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
cpe:2.3:o:mandriva:linux_corporate_server:3.0:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux_corporate_server:3.0:-:x86_64:*:*:*:*:*
cpe:2.3:o:mandriva:linux_corporate_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux_corporate_server:4.0:-:x86_64:*:*:*:*:*
EPSS
Процентиль: 16%
0.00051
Низкий
7.2 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
EPSS
Процентиль: 16%
0.00051
Низкий
7.2 High
CVSS2
Дефекты
CWE-20