Search criteria
11 vulnerabilities found for opie by nrl
FKIE_CVE-2011-2490
Vulnerability from fkie_nvd - Published: 2011-07-27 02:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nrl:opie:*:test1:*:*:*:*:*:*",
"matchCriteriaId": "AEEC73FC-2BB6-4B8F-9596-BBB287AFFDA2",
"versionEndIncluding": "2.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D33B387-8EE6-4F36-A4B5-509FF8DA8C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B3734D-F6CB-4242-92FA-EDF425CCBCEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B076A0-0216-4A52-ABA6-2E511FB6DB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "32B7BBAB-609B-4D4D-BF5A-C4E95F0A8C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5889C86D-4285-4B22-B3F0-76984D8CEC4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E0779EF0-9638-474E-9EF2-971ADA10F1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEB7E9A-3F68-4F20-A073-751A76452C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A53F58-7514-4B07-AC56-C6F928F9D3F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes."
},
{
"lang": "es",
"value": "opielogin.c de opielogin de OPIE 2.4.1-test1 y versiones anteriores no comprueba el valor de retorno de la llamada al sistema setuid, lo que permite a usuarios locales escalar privilegios disponiendo de una cuenta que ya est\u00e9 ejecutando su n\u00famero m\u00e1ximo de procesos."
}
],
"id": "CVE-2011-2490",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-07-27T02:55:02.087",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39966"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45136"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/45448"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"source": "secalert@redhat.com",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"source": "secalert@redhat.com",
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/45448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/10082068"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-2489
Vulnerability from fkie_nvd - Published: 2011-07-27 02:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nrl:opie:*:test1:*:*:*:*:*:*",
"matchCriteriaId": "AEEC73FC-2BB6-4B8F-9596-BBB287AFFDA2",
"versionEndIncluding": "2.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D33B387-8EE6-4F36-A4B5-509FF8DA8C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B3734D-F6CB-4242-92FA-EDF425CCBCEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B076A0-0216-4A52-ABA6-2E511FB6DB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "32B7BBAB-609B-4D4D-BF5A-C4E95F0A8C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5889C86D-4285-4B22-B3F0-76984D8CEC4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E0779EF0-9638-474E-9EF2-971ADA10F1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEB7E9A-3F68-4F20-A073-751A76452C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A53F58-7514-4B07-AC56-C6F928F9D3F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line."
},
{
"lang": "es",
"value": "M\u00faltiples errores \"off-by-one\" (desbordamiento por un elemento) en opiesu.c de opiesu en OPIE 2.4.1-test1 y versiones anteriores permiten a usuarios locales escalar privilegios a trav\u00e9s de un comando modificado."
}
],
"id": "CVE-2011-2489",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-07-27T02:55:02.040",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45136"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/45448"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"source": "secalert@redhat.com",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"source": "secalert@redhat.com",
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/45448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/10082068"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1938
Vulnerability from fkie_nvd - Published: 2010-05-28 18:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 6 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.0-release | |
| freebsd | freebsd | 7.0_beta4 | |
| freebsd | freebsd | 7.0_releng | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.1 | |
| freebsd | freebsd | 7.2 | |
| freebsd | freebsd | 7.2 | |
| freebsd | freebsd | 7.2 | |
| freebsd | freebsd | 8.0 | |
| freebsd | freebsd | 8.1-prerelease | |
| nrl | opie | * | |
| nrl | opie | 2.2 | |
| nrl | opie | 2.3 | |
| nrl | opie | 2.4 | |
| nrl | opie | 2.10 | |
| nrl | opie | 2.11 | |
| nrl | opie | 2.21 | |
| nrl | opie | 2.22 | |
| nrl | opie | 2.32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6:stable:*:*:*:*:*:*",
"matchCriteriaId": "F135D976-52FD-477A-B3C3-9CDDB79ACCBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F7F02A-C845-40BF-8490-510A070000F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release:*:*:*:*:*:*",
"matchCriteriaId": "53D1AD5E-4007-4AFA-A18B-69D1AC055C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p2:*:*:*:*:*:*",
"matchCriteriaId": "06BFEE54-DBF3-4546-AE57-2C25FC9F0F04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p3:*:*:*:*:*:*",
"matchCriteriaId": "BE1FC1A8-E499-45A0-B89A-5BFA24727DBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p4:*:*:*:*:*:*",
"matchCriteriaId": "8E08DCB9-9064-4DB7-B43A-7B415882EB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "E4A5E6FF-617E-4173-A948-F3728454A012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "06FB0EEA-254E-4A1F-99E7-058FCD518E22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:beta_4:*:*:*:*:*:*",
"matchCriteriaId": "CDFA5AA9-E73F-448D-9754-41AF9AECB93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:current:*:*:*:*:*:*",
"matchCriteriaId": "C4E775BA-6DC1-4006-83A4-D30EA57417FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "42231BCC-2B90-4196-A1C2-408A353C1BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:release:*:*:*:*:*:*",
"matchCriteriaId": "EF8CCA19-1CBF-406F-AF84-00E803423195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:release-p12:*:*:*:*:*:*",
"matchCriteriaId": "0452688A-3E71-4BC9-8942-56ABBC47EA87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:release-p8:*:*:*:*:*:*",
"matchCriteriaId": "510ABA29-1AAA-4279-BAD2-B4624DC60A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:release-p9:*:*:*:*:*:*",
"matchCriteriaId": "7A6C0249-951F-4352-92B2-E6A6CD5F26FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "C3556FE9-9949-4B8E-9E51-1205220B1A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:stable:*:*:*:*:*:*",
"matchCriteriaId": "799D4A5E-7BF1-4B04-89DB-5C929938847B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0-release:*:*:*:*:*:*:*",
"matchCriteriaId": "EC290462-4364-464F-8CE9-6F5E5BE6F246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "F06B831E-D8F2-4380-B279-559CE103210F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACC9072-4A33-4F1F-B790-2F9D5A52F71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "14D72C9B-EEB0-4605-BEA2-F77092129245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "52DBF406-9C77-4DDA-AB7D-40FAE40023D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:release-p1:*:*:*:*:*:*",
"matchCriteriaId": "20A31C9A-A928-4C9B-BB49-0E53227746DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:release-p2:*:*:*:*:*:*",
"matchCriteriaId": "99FB7443-F942-402A-9104-64677EAF014E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:release-p4:*:*:*:*:*:*",
"matchCriteriaId": "305A4C3D-C63D-4D1F-80FF-549182A0D9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:release-p5:*:*:*:*:*:*",
"matchCriteriaId": "C2A31704-E99F-4DBE-ABA4-EC3E566DE6CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:release-p6:*:*:*:*:*:*",
"matchCriteriaId": "E634CDF4-F77B-4917-A452-907A771B5B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "E9A75104-5A3E-485E-B4EC-0873C942731C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F948527C-A01E-4315-80B6-47FACE18A34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "8B573401-DC6F-4AFE-92F5-D96F785D2107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "60D40129-108B-421B-9990-6C6F381C96AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF1F9EF-01AF-4708-AE02-765360AF3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.1-prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "B525B32B-417E-49C8-9847-A9F807FA67B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nrl:opie:*:test1:*:*:*:*:*:*",
"matchCriteriaId": "AEEC73FC-2BB6-4B8F-9596-BBB287AFFDA2",
"versionEndIncluding": "2.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D33B387-8EE6-4F36-A4B5-509FF8DA8C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B3734D-F6CB-4242-92FA-EDF425CCBCEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B076A0-0216-4A52-ABA6-2E511FB6DB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "32B7BBAB-609B-4D4D-BF5A-C4E95F0A8C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5889C86D-4285-4B22-B3F0-76984D8CEC4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E0779EF0-9638-474E-9EF2-971ADA10F1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEB7E9A-3F68-4F20-A073-751A76452C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nrl:opie:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A53F58-7514-4B07-AC56-C6F928F9D3F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd."
},
{
"lang": "es",
"value": "Error Off-by-oneen en la funci\u00f3n __opiereadrec en readrec.c en libopie en OPIE v2.4.1-test1 y anteriores, utilizada en FreeBSD v6.4 hasta v8.1-PRERELEASE y otras plataformas, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un nombre de usuraio largo, como se ha demostrado mediante un comando USER largo en el ftpd FreeBSD v8.0."
}
],
"id": "CVE-2010-1938",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-28T18:30:01.470",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39963"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39966"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/45136"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/7450"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024040"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025709"
},
{
"source": "cve@mitre.org",
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/40403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/45136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/7450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40403"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2011-2490 (GCVE-0-2011-2490)
Vulnerability from cvelistv5 – Published: 2011-07-27 01:29 – Updated: 2024-08-06 23:00
VLAI?
Summary
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=698772",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "DSA-2281",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "39966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39966"
},
{
"name": "SUSE-SU-2011:0849",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"name": "48390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "https://bugzillafiles.novell.org/attachment.cgi?id=435901",
"refsource": "CONFIRM",
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"name": "45448",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2490",
"datePublished": "2011-07-27T01:29:00",
"dateReserved": "2011-06-15T00:00:00",
"dateUpdated": "2024-08-06T23:00:34.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2489 (GCVE-0-2011-2489)
Vulnerability from cvelistv5 – Published: 2011-07-27 01:29 – Updated: 2024-08-06 23:00
VLAI?
Summary
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=698772",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "https://bugzillafiles.novell.org/attachment.cgi?id=435902",
"refsource": "CONFIRM",
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"name": "DSA-2281",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"name": "SUSE-SU-2011:0849",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "48390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "45448",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2489",
"datePublished": "2011-07-27T01:29:00",
"dateReserved": "2011-06-15T00:00:00",
"dateUpdated": "2024-08-06T23:00:34.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1938 (GCVE-0-2010-1938)
Vulnerability from cvelistv5 – Published: 2010-05-28 18:00 – Updated: 2024-08-07 02:17
VLAI?
Summary
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:17:13.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"name": "7450",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/7450"
},
{
"name": "40403",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40403"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"name": "1024040",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024040"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "FreeBSD-SA-10:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "12762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"name": "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"name": "1025709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"name": "39963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39963"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-06-18T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"name": "7450",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/7450"
},
{
"name": "40403",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40403"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"name": "1024040",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024040"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "FreeBSD-SA-10:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "12762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"name": "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"name": "1025709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"name": "39963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39963"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1938",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.pi3.com.pl/?p=111",
"refsource": "MISC",
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"name": "7450",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/7450"
},
{
"name": "40403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40403"
},
{
"name": "http://site.pi3.com.pl/adv/libopie-adv.txt",
"refsource": "MISC",
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"name": "1024040",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024040"
},
{
"name": "DSA-2281",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "FreeBSD-SA-10:05",
"refsource": "FREEBSD",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"name": "39966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39966"
},
{
"name": "12762",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"name": "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"name": "1025709",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025709"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"name": "39963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39963"
},
{
"name": "45136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1938",
"datePublished": "2010-05-28T18:00:00",
"dateReserved": "2010-05-13T00:00:00",
"dateUpdated": "2024-08-07T02:17:13.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1483 (GCVE-0-2001-1483)
Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
VLAI?
Summary
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "opie-verify-accounts(7572)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7572"
},
{
"name": "20011115 Re: OpenSSH \u0026 S/Key information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/20011115221226.7C93E186B0%40atlas.dgp.toronto.edu"
},
{
"name": "3549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3549"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "opie-verify-accounts(7572)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7572"
},
{
"name": "20011115 Re: OpenSSH \u0026 S/Key information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/20011115221226.7C93E186B0%40atlas.dgp.toronto.edu"
},
{
"name": "3549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3549"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "opie-verify-accounts(7572)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7572"
},
{
"name": "20011115 Re: OpenSSH \u0026 S/Key information leakage",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/20011115221226.7C93E186B0@atlas.dgp.toronto.edu"
},
{
"name": "3549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3549"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1483",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2490 (GCVE-0-2011-2490)
Vulnerability from nvd – Published: 2011-07-27 01:29 – Updated: 2024-08-06 23:00
VLAI?
Summary
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=698772",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "DSA-2281",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "39966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39966"
},
{
"name": "SUSE-SU-2011:0849",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
},
{
"name": "48390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "https://bugzillafiles.novell.org/attachment.cgi?id=435901",
"refsource": "CONFIRM",
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
},
{
"name": "45448",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2490",
"datePublished": "2011-07-27T01:29:00",
"dateReserved": "2011-06-15T00:00:00",
"dateUpdated": "2024-08-06T23:00:34.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2489 (GCVE-0-2011-2489)
Vulnerability from nvd – Published: 2011-07-27 01:29 – Updated: 2024-08-06 23:00
VLAI?
Summary
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"name": "SUSE-SU-2011:0849",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "48390",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "45448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
},
{
"name": "[oss-security] 20110622 CVE requests: opie off by one and setuid() failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
},
{
"name": "openSUSE-SU-2011:0848",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082052"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=698772",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
},
{
"name": "https://bugzillafiles.novell.org/attachment.cgi?id=435902",
"refsource": "CONFIRM",
"url": "https://bugzillafiles.novell.org/attachment.cgi?id=435902"
},
{
"name": "DSA-2281",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
},
{
"name": "SUSE-SU-2011:0849",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/10082068"
},
{
"name": "48390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48390"
},
{
"name": "45448",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45448"
},
{
"name": "45136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2489",
"datePublished": "2011-07-27T01:29:00",
"dateReserved": "2011-06-15T00:00:00",
"dateUpdated": "2024-08-06T23:00:34.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1938 (GCVE-0-2010-1938)
Vulnerability from nvd – Published: 2010-05-28 18:00 – Updated: 2024-08-07 02:17
VLAI?
Summary
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:17:13.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"name": "7450",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/7450"
},
{
"name": "40403",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40403"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"name": "1024040",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024040"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "FreeBSD-SA-10:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "12762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"name": "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"name": "1025709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"name": "39963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39963"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-06-18T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"name": "7450",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/7450"
},
{
"name": "40403",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40403"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"name": "1024040",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024040"
},
{
"name": "DSA-2281",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "FreeBSD-SA-10:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"name": "39966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39966"
},
{
"name": "12762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"name": "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"name": "1025709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"name": "39963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39963"
},
{
"name": "45136",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1938",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.pi3.com.pl/?p=111",
"refsource": "MISC",
"url": "http://blog.pi3.com.pl/?p=111"
},
{
"name": "7450",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/7450"
},
{
"name": "40403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40403"
},
{
"name": "http://site.pi3.com.pl/adv/libopie-adv.txt",
"refsource": "MISC",
"url": "http://site.pi3.com.pl/adv/libopie-adv.txt"
},
{
"name": "1024040",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024040"
},
{
"name": "DSA-2281",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2281"
},
{
"name": "FreeBSD-SA-10:05",
"refsource": "FREEBSD",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc"
},
{
"name": "39966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39966"
},
{
"name": "12762",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12762"
},
{
"name": "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/87"
},
{
"name": "1025709",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025709"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
},
{
"name": "39963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39963"
},
{
"name": "45136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1938",
"datePublished": "2010-05-28T18:00:00",
"dateReserved": "2010-05-13T00:00:00",
"dateUpdated": "2024-08-07T02:17:13.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1483 (GCVE-0-2001-1483)
Vulnerability from nvd – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
VLAI?
Summary
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "opie-verify-accounts(7572)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7572"
},
{
"name": "20011115 Re: OpenSSH \u0026 S/Key information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/20011115221226.7C93E186B0%40atlas.dgp.toronto.edu"
},
{
"name": "3549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3549"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "opie-verify-accounts(7572)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7572"
},
{
"name": "20011115 Re: OpenSSH \u0026 S/Key information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/20011115221226.7C93E186B0%40atlas.dgp.toronto.edu"
},
{
"name": "3549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3549"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "opie-verify-accounts(7572)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7572"
},
{
"name": "20011115 Re: OpenSSH \u0026 S/Key information leakage",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/20011115221226.7C93E186B0@atlas.dgp.toronto.edu"
},
{
"name": "3549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3549"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1483",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}