PT-2014-2072 · Red Hat+1 · Fedora+1

Jan Lieskovsky

Published

2014-01-13

Updated

2014-01-14

CVE-2010-0746

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions DeviceKit-disks in DeviceKit versions (affected versions not specified)

Description A directory traversal issue exists, allowing local users to gain privileges through the use of .. (dot dot) sequences in the label for a pluggable storage device. This issue affects DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and possibly other operating systems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2010-0746

Affected Products

Devicekit-Disks

Fedora

PT-2014-2072 · Red Hat+1 · Fedora+1

CVE-2010-0746

Weakness Enumeration

Related Identifiers

Affected Products

References · 6