[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-2653Date: (C)2012-07-12   (M)2023-12-22


arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
DSA-2481
FEDORA-2012-8675
FEDORA-2012-8677
FEDORA-2012-8702
GLSA-201607-16
MDVSA-2012:113
http://www.openwall.com/lists/oss-security/2012/05/24/14
http://www.openwall.com/lists/oss-security/2012/05/24/13

OVAL    6
oval:org.secpod.oval:def:302927
oval:org.secpod.oval:def:600820
oval:org.secpod.oval:def:600822
oval:org.secpod.oval:def:103924
...

© SecPod Technologies