CVE-2009-2657

Published Aug 4, 2009
Last updated a year ago
CVSS info 4.6
Overview

Description: nilfs-utils before 2.0.14 installs multiple programs with unnecessary setuid privileges, which allows local users to execute arbitrary commands via the device string in a -c command line option to mkfs.nilfs2.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-264
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0525D730-AA3E-476D-8C4B-06429C2BF656",
            "versionEndIncluding": "2.0.13"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3197F3B-BFC1-4E49-93CE-6905F37E5B12"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14D3B8DD-4807-4AE4-AF9E-5787ABDA4F07"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5F3928D-EF65-4AC4-8434-5CD365D26BB2"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B15AA866-D57A-4160-A8A4-484780324708"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66F8B68C-20DB-47B7-A08D-EE751B3E0014"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0457D2C4-1692-4FEA-BCBA-C28ED551E2C4"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4ABDCB1F-ED12-4352-927D-C1FA8F23E654"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA43728F-6636-4F00-83E6-E9BDAF37675F"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6839A468-7AAB-49D3-800E-164026FBC37E"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E25E1D19-2054-458A-BBD8-AC3A40046ED6"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9ABD520E-589D-4B0E-8162-62103355DFA5"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B65C6883-5251-44C2-B679-82D188BBA098"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DC8FF77-9C3F-482F-81D9-BBE4F6E21575"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BD4B5E6-71C7-4B13-81CF-A97A8469DE75"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51E0B3B0-698E-4043-AB20-4CAC9040E579"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACF0A49D-AC5D-4E5D-968D-6ABC9832DA4F"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E15571B4-6A8F-49EE-BDAA-E00F9BD683F3"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C15CA21D-CB9B-4F3F-AB5C-FC202243FDC5"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:1.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81DD2FBA-834C-4646-95C1-FAF96DBC54C1"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E477B65-24C6-4A13-A31F-AB28DA67D64E"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4104B28-C1FC-40AB-A56E-7E35A06FB144"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAD8DC56-05B1-4013-BB88-653EF4845594"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "602DAD58-1B2A-413F-996E-7F6F8259B248"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B24056A-1D69-4F72-B935-A9C993229B44"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F2851A8-46FB-41E2-A814-B791F0DB0407"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7723F3C-0662-42F3-B867-F2B212B0DE4B"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8E10C3B-653A-467B-9784-7ACA8221A10F"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72093057-2DD7-415F-9C95-E8AFE76EC14A"
          },
          {
            "criteria": "cpe:2.3:a:nilf:nilfs:2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC8EBF46-845F-4706-87C2-51139CD7D852"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
