CVE-2010-3998

Published Nov 6, 2010

Last updated 13 years ago

Overview

Description: The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F85DADF-4363-4721-AC62-4BB566963045",
            "versionEndIncluding": "1.8.0"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:0.13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42352A6D-B46B-4E36-BC92-7067C5CCAEA6"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5387279C-1AF4-415A-947B-BEA4DA7A9F29"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "968C6F57-489B-40FC-8D47-ED6A8C950ABA"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B4D8738-E58E-48C6-9358-3031049F8A16"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97AD83BD-4331-49F1-91C6-1A21DA44E52F"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A13354B-324C-448B-A1DF-9DDB60D914CE"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F49E2077-EBB0-4A12-B7CF-932C351659F7"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "641A14CA-AF01-4AC7-8450-044857360300"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25629216-A9C0-42E8-B0E5-AE2B98EC90EE"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B244CB19-F2C3-40BC-87EE-02F7FEC1726F"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B2CFBB2-2A1F-4B88-AC6A-377AB14922DA"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E7DD34F-A55D-4F1A-A693-CE6E634FC38C"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28C2B2C1-62A3-4A72-8DC4-89CD931DDFEC"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD254768-43A5-4BF0-8D1F-8306D3F46A3C"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC41E5E8-6A1F-4BA6-AF21-503CEFF654BE"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5AB7B78-13D4-411E-9BD9-43ADB4CE3CE9"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C172A76-6E2E-4C1F-BBE4-73E94F5C9601"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F27A1501-EE76-4C5F-AB92-5B9FFC937B6F"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21D3FC55-E176-4344-909A-E7DD452A4F50"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01349CF5-0F58-4C3E-990F-ECEC08A39A00"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B6AD7F2-4EE5-4C5C-866D-01D4706F83E3"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9653EA90-62AD-4941-8111-E8FC873F1139"
          },
          {
            "criteria": "cpe:2.3:a:banshee-project:banshee:1.7.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C25EAD1D-ACD8-40C2-B89D-508B162222F5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References