CVE-2011-4099

Sažetak

The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors.

Reference

http://rhn.redhat.com/errata/RHSA-2011-1694.html
https://bugzilla.redhat.com/show_bug.cgi?id=722694
https://sites.google.com/site/fullycapable/release-notes-for-libcap/releasenotesfor222

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-02-2014 - 15:09

Objavljeno

08-02-2014 - 00:55