PT-2014-2072 · Red Hat+1 · Fedora+1

Jan Lieskovsky

Publicado

2014-01-13

Atualizado

2014-01-14

CVE-2010-0746

CVSS v2.0

6.2

Média

Vetor

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions DeviceKit-disks in DeviceKit versions (affected versions not specified)

Description A directory traversal issue exists, allowing local users to gain privileges through the use of .. (dot dot) sequences in the label for a pluggable storage device. This issue affects DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and possibly other operating systems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2010-0746

Produtos afetados

Devicekit-Disks

Fedora

PT-2014-2072 · Red Hat+1 · Fedora+1

CVE-2010-0746

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6