CVE-2011-2777

Published Aug 29, 2012

Last updated 12 years ago

CVSS info 4.4

Overview

Description: samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DBUS_SESSION_BUS_ADDRESS environment variable containing commands.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.4
Impact score: 6.4
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FFAB5BC-417F-4DF5-B8C2-85A75CF27354",
            "versionEndIncluding": "2.0.16"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFE554DE-7900-4BC3-837F-D7A26B88A90E"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7C462B8-7405-4196-B55C-2A9BBFA98BD3"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE516D6A-FEAA-421B-B807-7046EEA09BD3"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CACA317-8EC6-4918-B001-40A7FD43B585"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF66C21C-7BA1-4BE5-A722-28B15FCFCD7A"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9486F5C6-0EB6-430A-BDD3-BDBADB833700"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AB44BB8-BEA7-4BFD-9431-DED2FB7C011C"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCE3E44B-5CF7-4E0C-8A01-CD33BF507515"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81AF4DF4-7011-4AB1-B9B0-BAF176D8AE54"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEAA756E-06BA-49E9-99DC-6773CB10C210"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFCE9E6F-44F1-407A-AD84-FC2D19FB91A9"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D5DBDFD-E74C-41BE-94D0-3046E02967B1"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70D85157-0143-4ABE-81D0-4AB38934AE82"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCBBAA85-6BB4-4FA1-A85B-048DAAD7E9D9"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D847AD9-52C6-4945-A827-5412D4D613E2"
          },
          {
            "criteria": "cpe:2.3:a:tedfelix:acpid2:2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B2822FE-0AC5-4F87-8902-D04D9DF1D90F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References