CVE-2009-1073 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 59%

Affected Products (NVD)

Vendor	Product	Version
debian	nss-ldap	𝑥 < 0.6.8
debian	debian_linux	5.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

nss-ldapd

dapper	dne
gutsy	dne
hardy	ignored
intrepid	ignored
jaunty	ignored
karmic	not-affected
lucid	dne
maverick	dne
natty	dne
oneiric	dne

Known Exploits!

Common Weakness Enumeration

CWE-732 - Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References

http://arthurenhella.demon.nl/viewvc/nss-ldapd/nss-ldapd/debian/libnss-ldapd.postinst?r1=795&r2=813

http://arthurenhella.demon.nl/viewvc/nss-ldapd/nss-ldapd/man/nss-ldapd.conf.5.xml?r1=805&r2=806

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520476

http://ch.tudelft.nl/~arthur/nss-ldapd/news.html#20090322

http://launchpad.net/bugs/cve/2009-1073

http://secunia.com/advisories/34523

http://www.debian.org/security/2009/dsa-1758

http://www.openwall.com/lists/oss-security/2009/03/23/3

http://www.openwall.com/lists/oss-security/2009/03/24/2

http://www.openwall.com/lists/oss-security/2009/03/25/3

http://www.openwall.com/lists/oss-security/2009/03/25/4

http://www.securityfocus.com/bid/34211

http://arthurenhella.demon.nl/viewvc/nss-ldapd/nss-ldapd/debian/libnss-ldapd.postinst?r1=795&r2=813

http://arthurenhella.demon.nl/viewvc/nss-ldapd/nss-ldapd/man/nss-ldapd.conf.5.xml?r1=805&r2=806

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520476

http://ch.tudelft.nl/~arthur/nss-ldapd/news.html#20090322

http://launchpad.net/bugs/cve/2009-1073

http://secunia.com/advisories/34523

http://www.debian.org/security/2009/dsa-1758

http://www.openwall.com/lists/oss-security/2009/03/23/3

http://www.openwall.com/lists/oss-security/2009/03/24/2

http://www.openwall.com/lists/oss-security/2009/03/25/3

http://www.openwall.com/lists/oss-security/2009/03/25/4

http://www.securityfocus.com/bid/34211