CVE-2014-3209

Опубликовано: 16 нояб. 2014

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nlnetlabs:ldns:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.3:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.4:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.5:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.6:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.7:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.8:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.9:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.10:*:*:*:*:*:*:*

cpe:2.3:a:nlnetlabs:ldns:1.6.11:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00154

Низкий

2.1 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2014-3209

ubuntu

около 11 лет назад

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.

CVE-2014-3209

redhat

почти 12 лет назад

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.

CVE-2014-3209

debian

около 11 лет назад

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the p ...

GHSA-cc58-7rpr-73mr

github

больше 3 лет назад

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.

EPSS

Процентиль: 36%

0.00154

Низкий

2.1 Low

CVSS2

Дефекты

CWE-264