NRL : Security vulnerabilities, CVEs published in 2011

Copy

CVE-2011-2490

opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.

Max CVSS

7.2

EPSS Score

0.04%

Published

2011-07-27

Updated

2011-09-07

CVE-2011-2489

Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.

Max CVSS

7.2

EPSS Score

0.04%

Published

2011-07-27

Updated

2011-09-07

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!