CVE-2011-1056

Sažetak

The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.

Reference

http://blog.metasploit.com/2011/02/metasploit-framework-352-released.html
http://osvdb.org/70857
http://secunia.com/advisories/43166
http://www.vupen.com/english/advisories/2011/0371

CVSS

Base:	6.2
Impact:	10.0
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

20-06-2011 - 04:00

Objavljeno

21-02-2011 - 21:00