CVE-2011-0541 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	3.3 UNKNOWN	LOCAL	MEDIUM		AV:L/AC:M/Au:N/C:N/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 13%

Affected Products (NVD)

Vendor	Product	Version
fuse	fuse	𝑥 ≤ 2.8.5
fuse	fuse	1.9
fuse	fuse	2.0:pre0
fuse	fuse	2.0:pre1
fuse	fuse	2.1
fuse	fuse	2.2
fuse	fuse	2.2.1
fuse	fuse	2.3:pre
fuse	fuse	2.3:rc1
fuse	fuse	2.3.0
fuse	fuse	2.4.0
fuse	fuse	2.4.1
fuse	fuse	2.4.2
fuse	fuse	2.5.0
fuse	fuse	2.5.1
fuse	fuse	2.5.2
fuse	fuse	2.5.3
fuse	fuse	2.6.0
fuse	fuse	2.6.1
fuse	fuse	2.6.3
fuse	fuse	2.6.5
fuse	fuse	2.7.0
fuse	fuse	2.7.1
fuse	fuse	2.7.2
fuse	fuse	2.7.3
fuse	fuse	2.7.4
fuse	fuse	2.7.5
fuse	fuse	2.7.6
fuse	fuse	2.8.0
fuse	fuse	2.8.1
fuse	fuse	2.8.2
fuse	fuse	2.8.3
fuse	fuse	2.8.4

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

fuse

bookworm	2.9.9-6 fixed
bullseye	2.9.9-5 fixed
sid	2.9.9-9 fixed
squeeze	no-dsa
trixie	2.9.9-9 fixed

Ubuntu Releases

Ubuntu Product

Codename

fuse

dapper	ignored
hardy	Fixed 2.7.2-1ubuntu2.3 released
karmic	Fixed 2.7.4-1.1ubuntu4.5 released
lucid	Fixed 2.8.1-1.1ubuntu3.1 released
maverick	Fixed 2.8.4-1ubuntu1.3 released

openSUSE / SLES Releases

openSUSE Product

Release

fuse

suse enterprise desktop 15	2.9.7-1.49 fixed
suse enterprise desktop 15 SP1	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP2	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP3	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP4	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP5	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP6	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP7	2.9.7-3.3.1 fixed
suse enterprise sap 12 SP5	2.9.3-6.3.1 fixed
suse enterprise sap 15	2.9.7-1.49 fixed
suse enterprise sap 15 SP1	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP2	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP3	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP4	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP5	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP6	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP7	2.9.7-3.3.1 fixed
suse enterprise server 12 SP1	2.9.3-5.1 fixed
suse enterprise server 12 SP2	2.9.3-5.1 fixed
suse enterprise server 12 SP3	2.9.3-5.1 fixed
suse enterprise server 12 SP4	2.9.3-6.3.1 fixed
suse enterprise server 12 SP5	2.9.3-6.3.1 fixed
suse enterprise server 15	2.9.7-1.49 fixed
suse enterprise server 15 SP1	2.9.7-3.3.1 fixed
suse enterprise server 15 SP2	2.9.7-3.3.1 fixed
suse enterprise server 15 SP3	2.9.7-3.3.1 fixed
suse enterprise server 15 SP4	2.9.7-3.3.1 fixed
suse enterprise server 15 SP5	2.9.7-3.3.1 fixed
suse enterprise server 15 SP6	2.9.7-3.3.1 fixed
suse enterprise server 15 SP7	2.9.7-3.3.1 fixed

fuse-devel

suse enterprise desktop 15	2.9.7-1.49 fixed
suse enterprise desktop 15 SP1	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP2	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP3	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP4	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP5	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP6	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP7	2.9.7-3.3.1 fixed
suse enterprise sap 15	2.9.7-1.49 fixed
suse enterprise sap 15 SP1	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP2	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP3	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP4	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP5	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP6	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP7	2.9.7-3.3.1 fixed
suse enterprise server 15	2.9.7-1.49 fixed
suse enterprise server 15 SP1	2.9.7-3.3.1 fixed
suse enterprise server 15 SP2	2.9.7-3.3.1 fixed
suse enterprise server 15 SP3	2.9.7-3.3.1 fixed
suse enterprise server 15 SP4	2.9.7-3.3.1 fixed
suse enterprise server 15 SP5	2.9.7-3.3.1 fixed
suse enterprise server 15 SP6	2.9.7-3.3.1 fixed
suse enterprise server 15 SP7	2.9.7-3.3.1 fixed

fuse-doc

suse enterprise desktop 15	2.9.7-1.49 fixed
suse enterprise desktop 15 SP1	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP2	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP3	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP4	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP5	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP6	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP7	2.9.7-3.3.1 fixed
suse enterprise sap 15	2.9.7-1.49 fixed
suse enterprise sap 15 SP1	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP2	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP3	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP4	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP5	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP6	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP7	2.9.7-3.3.1 fixed
suse enterprise server 15	2.9.7-1.49 fixed
suse enterprise server 15 SP1	2.9.7-3.3.1 fixed
suse enterprise server 15 SP2	2.9.7-3.3.1 fixed
suse enterprise server 15 SP3	2.9.7-3.3.1 fixed
suse enterprise server 15 SP4	2.9.7-3.3.1 fixed
suse enterprise server 15 SP5	2.9.7-3.3.1 fixed
suse enterprise server 15 SP6	2.9.7-3.3.1 fixed
suse enterprise server 15 SP7	2.9.7-3.3.1 fixed

libfuse2

suse enterprise desktop 15	2.9.7-1.49 fixed
suse enterprise desktop 15 SP1	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP2	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP3	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP4	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP5	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP6	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP7	2.9.7-3.3.1 fixed
suse enterprise sap 12 SP5	2.9.3-6.3.1 fixed
suse enterprise sap 15	2.9.7-1.49 fixed
suse enterprise sap 15 SP1	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP2	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP3	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP4	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP5	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP6	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP7	2.9.7-3.3.1 fixed
suse enterprise server 12 SP1	2.9.3-5.1 fixed
suse enterprise server 12 SP2	2.9.3-5.1 fixed
suse enterprise server 12 SP3	2.9.3-5.1 fixed
suse enterprise server 12 SP4	2.9.3-6.3.1 fixed
suse enterprise server 12 SP5	2.9.3-6.3.1 fixed
suse enterprise server 15	2.9.7-1.49 fixed
suse enterprise server 15 SP1	2.9.7-3.3.1 fixed
suse enterprise server 15 SP2	2.9.7-3.3.1 fixed
suse enterprise server 15 SP3	2.9.7-3.3.1 fixed
suse enterprise server 15 SP4	2.9.7-3.3.1 fixed
suse enterprise server 15 SP5	2.9.7-3.3.1 fixed
suse enterprise server 15 SP6	2.9.7-3.3.1 fixed
suse enterprise server 15 SP7	2.9.7-3.3.1 fixed

libulockmgr1

suse enterprise desktop 15	2.9.7-1.49 fixed
suse enterprise desktop 15 SP1	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP2	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP3	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP4	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP5	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP6	2.9.7-3.3.1 fixed
suse enterprise desktop 15 SP7	2.9.7-3.3.1 fixed
suse enterprise sap 15	2.9.7-1.49 fixed
suse enterprise sap 15 SP1	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP2	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP3	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP4	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP5	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP6	2.9.7-3.3.1 fixed
suse enterprise sap 15 SP7	2.9.7-3.3.1 fixed
suse enterprise server 15	2.9.7-1.49 fixed
suse enterprise server 15 SP1	2.9.7-3.3.1 fixed
suse enterprise server 15 SP2	2.9.7-3.3.1 fixed
suse enterprise server 15 SP3	2.9.7-3.3.1 fixed
suse enterprise server 15 SP4	2.9.7-3.3.1 fixed
suse enterprise server 15 SP5	2.9.7-3.3.1 fixed
suse enterprise server 15 SP6	2.9.7-3.3.1 fixed
suse enterprise server 15 SP7	2.9.7-3.3.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

fuse

RHEL 6

0:2.8.3-3.el6_1

fixed

fuse-devel

RHEL 6

0:2.8.3-3.el6_1

fixed

fuse-libs

RHEL 6

0:2.8.3-3.el6_1

fixed

Common Weakness Enumeration

CWE-59 - Improper Link Resolution Before File Access ('Link Following')
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References

http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=bf5ffb5fd8558bd799791834def431c0cee5a11f

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

http://www.openwall.com/lists/oss-security/2011/02/02/2

http://www.openwall.com/lists/oss-security/2011/02/03/5

http://www.openwall.com/lists/oss-security/2011/02/08/4

http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=bf5ffb5fd8558bd799791834def431c0cee5a11f

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

http://www.openwall.com/lists/oss-security/2011/02/02/2

http://www.openwall.com/lists/oss-security/2011/02/03/5

http://www.openwall.com/lists/oss-security/2011/02/08/4