exploitDog

CVE-2011-4122

Опубликовано: 17 нояб. 2011

Источник: nvd

CVSS2: 6.9

EPSS Низкий

Описание

Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00557

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-xh8r-pw4r-9vx4

github

больше 3 лет назад

Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass.

EPSS

Процентиль: 68%

0.00557

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-22