CVE-2011-0460

Published Apr 16, 2014

Last updated 6 years ago

Overview

Description: The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.3
Impact score: 9.2
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:N/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-59

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE48751-2131-4668-9CD5-FDDF8C05686C",
            "versionEndIncluding": "1.14.1"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:0.99:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04BA99DC-CDC9-493D-8DC0-DE4440BDF07F"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1946EE9-9BCC-4D87-B3B4-EE99456CEE57"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "261123B1-80A5-4A1E-A57D-EB501F44F6AC"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18CC5BB6-A82B-4D33-A19E-43D69D2DE495"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED6041FC-1C6A-4777-9CC6-744720C41667"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5706DFD0-2F1B-4BBF-A3C4-BCF3F872D51F"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D806EE3D-B935-4312-BAC3-E7CB2F484CBB"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BF6A9D9-23EF-4FCC-8EEE-7F22522B2848"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C03FB880-9C35-4DC5-B0B5-EA70DF9FABE8"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "306EDDCE-946D-4F71-B510-5971E662A2EF"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F48F003-AD01-4564-A48A-CDFB8D0BDD3E"
          },
          {
            "criteria": "cpe:2.3:a:kbd-project:kbd:1.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A94D9DB6-6FCC-499F-B292-49D7BECEC718"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References