Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-0476

Опубликовано: 25 окт. 2014
Источник: nvd
CVSS2: 3.7
EPSS Средний

Описание

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:chkrootkit:chkrootkit:*:*:*:*:*:*:*:*
Версия до 0.49 (включая)
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 93%
0.11441
Средний

3.7 Low

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2014-0476

ubuntu
больше 11 лет назад

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

debian логотип

CVE-2014-0476

debian
больше 11 лет назад

The slapper function in chkrootkit before 0.50 does not properly quote ...

github логотип

GHSA-f6jc-6vm7-jv5m

github
больше 3 лет назад

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

EPSS

Процентиль: 93%
0.11441
Средний

3.7 Low

CVSS2

Дефекты

CWE-20