CVE-2009-2657
Published Aug 4, 2009
Last updated a year ago
Overview
- Description
- nilfs-utils before 2.0.14 installs multiple programs with unnecessary setuid privileges, which allows local users to execute arbitrary commands via the device string in a -c command line option to mkfs.nilfs2.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nilf:nilfs:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0525D730-AA3E-476D-8C4B-06429C2BF656",
"versionEndIncluding": "2.0.13"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3197F3B-BFC1-4E49-93CE-6905F37E5B12"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14D3B8DD-4807-4AE4-AF9E-5787ABDA4F07"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5F3928D-EF65-4AC4-8434-5CD365D26BB2"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B15AA866-D57A-4160-A8A4-484780324708"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66F8B68C-20DB-47B7-A08D-EE751B3E0014"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0457D2C4-1692-4FEA-BCBA-C28ED551E2C4"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4ABDCB1F-ED12-4352-927D-C1FA8F23E654"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA43728F-6636-4F00-83E6-E9BDAF37675F"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6839A468-7AAB-49D3-800E-164026FBC37E"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E25E1D19-2054-458A-BBD8-AC3A40046ED6"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9ABD520E-589D-4B0E-8162-62103355DFA5"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B65C6883-5251-44C2-B679-82D188BBA098"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DC8FF77-9C3F-482F-81D9-BBE4F6E21575"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BD4B5E6-71C7-4B13-81CF-A97A8469DE75"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E0B3B0-698E-4043-AB20-4CAC9040E579"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACF0A49D-AC5D-4E5D-968D-6ABC9832DA4F"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E15571B4-6A8F-49EE-BDAA-E00F9BD683F3"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C15CA21D-CB9B-4F3F-AB5C-FC202243FDC5"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:1.0.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81DD2FBA-834C-4646-95C1-FAF96DBC54C1"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E477B65-24C6-4A13-A31F-AB28DA67D64E"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4104B28-C1FC-40AB-A56E-7E35A06FB144"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAD8DC56-05B1-4013-BB88-653EF4845594"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "602DAD58-1B2A-413F-996E-7F6F8259B248"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B24056A-1D69-4F72-B935-A9C993229B44"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F2851A8-46FB-41E2-A814-B791F0DB0407"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7723F3C-0662-42F3-B867-F2B212B0DE4B"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8E10C3B-653A-467B-9784-7ACA8221A10F"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72093057-2DD7-415F-9C95-E8AFE76EC14A"
},
{
"criteria": "cpe:2.3:a:nilf:nilfs:2.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC8EBF46-845F-4706-87C2-51139CD7D852"
}
],
"operator": "OR"
}
]
}
]