CVE-2011-4099
Published Feb 8, 2014
Last updated 11 years ago
Overview
- Description
- The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libcap:libcap:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37972F96-847C-4FC3-86ED-26A8B921CC86",
"versionEndIncluding": "2.21"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46EA77FD-A32F-4C18-9480-3B29F10C7969"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A3F14FF-14FB-4324-954A-2D358D330079"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8441A7F-E9B1-4D8C-B537-E0695962FFEA"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70F66014-3C80-49A0-93FB-A26270FDB11A"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F91CACA9-16A5-4555-A04E-311596E458C4"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0B2C85E-5B2A-4241-8FFD-FAE0EFB280E2"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.06:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "871942FF-7CA5-4C19-A245-9F8F9F9E5EB0"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.07:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC941B9F-C09A-4B51-9406-31D7EA9C69E4"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.08:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAB75E70-0033-414F-9803-CAA65BF4B489"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.09:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6204CACC-5B6A-4C14-83A8-929C6A120F9D"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3D34C8E-1924-4032-9C2C-0DC4252C99E5"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17BB37BB-C4D9-4302-A309-71806A27A5CF"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E85FEE1-A845-45A7-BCC0-D3100A914FB9"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A38D4EF-EC74-4B9A-A540-9F3974B812F4"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5A519A7-4E10-45CE-83B4-86235CB2DB7D"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AD0FC55-E634-4067-A92F-0E4FAD1BE1AF"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66700E0B-D90F-4078-A6AB-FAA4D7E3BE6C"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BBE43A0-2E40-4D61-BBEA-F4969E7F6BA1"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA0A31AE-A947-4645-A55E-2048C6E08A4B"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "614134AD-8C32-4A72-9570-56D458B336B0"
},
{
"criteria": "cpe:2.3:a:libcap:libcap:2.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2A3B426-F41A-4833-892E-913BC87B01FC"
}
],
"operator": "OR"
}
]
}
]