Описание
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.4-2 |
| hardy | ignored | end of life |
| lucid | released | 0.1-4ubuntu0.1 |
| maverick | ignored | end of life |
| natty | released | 0.1-4ubuntu1.1 |
| oneiric | released | 0.3-1ubuntu1.1 |
| precise | released | 0.3-4ubuntu0.1 |
| upstream | needs-triage |
Показывать по
EPSS
6.2 Medium
CVSS2
Связанные уязвимости
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
libgssapi and libgssglue before 0.4 do not properly check privileges, ...
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
Уязвимость операционной системы Gentoo Linux, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.2 Medium
CVSS2