CVE-2011-0523

Severity

19%

Complexity

34%

Confidentiality

48%

gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.

gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.

CVSS 2.0 Base Score 1.9. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:N/A:N).

Overview

First reported 12 years ago

2012-08-13 20:55:00

Last updated 11 years ago

2013-12-13 04:46:00

Affected Software

iain gypsy 0.8

0.8

References

http://cgit.freedesktop.org/gypsy/commit/?id=40101707cddb319481133b2a137294b6b669bd16

Exploit, Patch

FEDORA-2013-8687

FEDORA-2013-8705

FEDORA-2013-8659

openSUSE-SU-2012:0884

49991

Vendor Advisory

[oss-security] 20110124 CVE request: multiple gypsy vulnerabilities

[oss-security] 20110125 Re: CVE request: multiple gypsy vulnerabilities

https://bugs.freedesktop.org/show_bug.cgi?id=33431

https://bugs.launchpad.net/ubuntu/+source/gypsy/+bug/690323

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.