exploitDog

CVE-2009-4211

Опубликовано: 04 дек. 2009

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sun:solaris:*:*:x86:*:*:*:*:*

cpe:2.3:a:disa:srr_for_solaris:*:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.0046

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-7788-p2j7-mvh6

github

почти 4 года назад

The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program.

EPSS

Процентиль: 64%

0.0046

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-264