Vulnerability Details : CVE-2011-1946
gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of these accounts.
Products affected by CVE-2011-1946
- cpe:2.3:a:hongli_lai:libgnomesu:1.0.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1946
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1946
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2011-1946
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1946
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/67720
libgnomesu PAM backend setuid() privilege escalation CVE-2011-1946 Vulnerability Report
-
http://openwall.com/lists/oss-security/2011/05/31/11
oss-security - Re: CVE request: libgnomesu privilege escalationPatch
-
http://www.securityfocus.com/bid/48035
libgnomesu PAM Backend 'setuid()' Return Value Local Privilege Escalation Vulnerability
-
http://openwall.com/lists/oss-security/2011/05/30/2
oss-security - CVE request: libgnomesu privilege escalationPatch
-
https://bugzilla.novell.com/show_bug.cgi?id=695627
Bug 695627 – VUL-0: libgnomesu pam backend missing setuid() retval checkPatch
Jump to