Описание
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
Ссылки
- Mailing List
- Not Applicable
- Broken Link
- Mailing List
- Not Applicable
- Broken Link
- Issue Tracking
- Third Party AdvisoryVDB Entry
- Mailing List
- Not Applicable
- Broken Link
- Mailing List
- Not Applicable
- Broken Link
- Issue Tracking
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
6 Medium
CVSS2
Дефекты
Связанные уязвимости
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
ELSA-2011-0953: system-config-firewall security update (MODERATE)
Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
7.8 High
CVSS3
6 Medium
CVSS2