CVE-2011-0523

EUVD-2011-0543
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
1.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
iaingypsy
0.8
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gypsy
hardy
dne
lucid
dne
maverick
Fixed 0.8-0ubuntu1.1
released
natty
Fixed 0.8-0ubuntu2.1
released
oneiric
Fixed 0.8-0ubuntu3.1
released
Common Weakness Enumeration
References
http://cgit.freedesktop.org/gypsy/commit/?id=40101707cddb319481133b2a137294b6b669bd16
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106919.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106927.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107020.html
http://lists.opensuse.org/opensuse-updates/2012-07/msg00034.html
http://secunia.com/advisories/49991
http://www.openwall.com/lists/oss-security/2011/01/24/10
http://www.openwall.com/lists/oss-security/2011/01/25/10
https://bugs.freedesktop.org/show_bug.cgi?id=33431
https://bugs.launchpad.net/ubuntu/+source/gypsy/+bug/690323
http://cgit.freedesktop.org/gypsy/commit/?id=40101707cddb319481133b2a137294b6b669bd16
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106919.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106927.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107020.html
http://lists.opensuse.org/opensuse-updates/2012-07/msg00034.html
http://secunia.com/advisories/49991
http://www.openwall.com/lists/oss-security/2011/01/24/10
http://www.openwall.com/lists/oss-security/2011/01/25/10
https://bugs.freedesktop.org/show_bug.cgi?id=33431
https://bugs.launchpad.net/ubuntu/+source/gypsy/+bug/690323