Rsbac » Rule Set Based Access Control : Security Vulnerabilities, CVEs, CVSS score >= 2
Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.
Max CVSS
6.4
EPSS Score
0.38%
Published
2007-07-23
Updated
2023-06-20
Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-08-06
Updated
2023-06-20
2 vulnerabilities found