CVE-2011-2709 in libgssglueinformazioni

Riassunto

di MITRE

libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

11/07/2011

Divulgazione

21/06/2012

Moderazione

accettato

Voce

VDB-61049

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

6.2 (NVD)

EPSS

0.00440

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2709
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2709
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2709/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!