CVE-2011-2921

Опубликовано: 19 нояб. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Высокий

Описание

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

Ссылки

http://packetstormsecurity.com/files/154307/ktsuss-Suid-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/cve-2011-2921
Broken Link
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2011-2921
Third Party Advisory
http://packetstormsecurity.com/files/154307/ktsuss-Suid-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/cve-2011-2921
Broken Link
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2011-2921
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ktsuss_project:ktsuss:*:*:*:*:*:*:*:*

Версия до 1.4 (включая)

EPSS

Процентиль: 99%

0.71594

Высокий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-273

Связанные уязвимости

CVE-2011-2921

CVSS3: 9.8

ubuntu

около 6 лет назад

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

CVE-2011-2921

CVSS3: 9.8

debian

около 6 лет назад

ktsuss versions 1.4 and prior has the uid set to root and does not dro ...

GHSA-gp69-8v27-vccw

CVSS3: 9.8

github

почти 4 года назад

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

EPSS

Процентиль: 99%

0.71594

Высокий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-273