CPANSA-MDK-Common-2009-0912: MDK-Common vulnerability
| Publisher |
giterlizzi |
Document category |
csaf_security_advisory |
| Initial release date |
2009-03-16T00:00:00 |
Engine |
CSAF Perl Toolkit 0.25 |
| Current release date |
2009-03-16T00:00:00 |
Build Date |
|
| Current version |
1 |
Status |
final |
| CVSS v3.1 Base Score |
|
Severity |
|
| Original language |
|
Language |
en |
| Also referred to |
|
Vulnerability Description
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.'
Vulnerabilities
CVE-2009-0912
Vulnerability Descriptionperl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
| Weakness |
CWE-20 : Improper Input Validation
|
Product status
Known affected
| Product |
Score |
| MDK-Common equal 1.1.11 |
| CVSS Version |
CVSS Vector |
CVSS Base Score |
CVSS Base Severity |
| 2.0 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
7.2
|
High
|
|
| MDK-Common equal 1.1.24 |
| CVSS Version |
CVSS Vector |
CVSS Base Score |
CVSS Base Severity |
| 2.0 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
7.2
|
High
|
|
| MDK-Common greater than or equal 1.2.9 and less than or equal 1.2.14 |
| CVSS Version |
CVSS Vector |
CVSS Base Score |
CVSS Base Severity |
| 2.0 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
7.2
|
High
|
|
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
Revision history
| Version |
Date of the revision |
Summary of the revision |
| 1 |
Mon Mar 16 00:00:00 2009 |
First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/