FKIE_CVE-2011-2490

Vulnerability from fkie_nvd - Published: 2011-07-27 02:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
References
secalert@redhat.comhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345Patch
secalert@redhat.comhttp://secunia.com/advisories/39966Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/45136Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/45448
secalert@redhat.comhttp://www.debian.org/security/2011/dsa-2281
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2011/06/22/6Exploit, Patch
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2011/06/23/5Exploit, Patch
secalert@redhat.comhttp://www.securityfocus.com/bid/48390
secalert@redhat.comhttps://bugzilla.novell.com/show_bug.cgi?id=698772Exploit, Patch
secalert@redhat.comhttps://bugzillafiles.novell.org/attachment.cgi?id=435901Patch
secalert@redhat.comhttps://hermes.opensuse.org/messages/10082052
secalert@redhat.comhttps://hermes.opensuse.org/messages/10082068
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345Patch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39966Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/45136Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/45448
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2281
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2011/06/22/6Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2011/06/23/5Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/48390
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.novell.com/show_bug.cgi?id=698772Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108https://bugzillafiles.novell.org/attachment.cgi?id=435901Patch
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/10082052
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/10082068
Impacted products
Vendor Product Version
nrl opie *
nrl opie 2.2
nrl opie 2.3
nrl opie 2.4
nrl opie 2.10
nrl opie 2.11
nrl opie 2.21
nrl opie 2.22
nrl opie 2.32
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nrl:opie:*:test1:*:*:*:*:*:*",
              "matchCriteriaId": "AEEC73FC-2BB6-4B8F-9596-BBB287AFFDA2",
              "versionEndIncluding": "2.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D33B387-8EE6-4F36-A4B5-509FF8DA8C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B3734D-F6CB-4242-92FA-EDF425CCBCEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2B076A0-0216-4A52-ABA6-2E511FB6DB5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B7BBAB-609B-4D4D-BF5A-C4E95F0A8C51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5889C86D-4285-4B22-B3F0-76984D8CEC4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0779EF0-9638-474E-9EF2-971ADA10F1D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEB7E9A-3F68-4F20-A073-751A76452C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nrl:opie:2.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9A53F58-7514-4B07-AC56-C6F928F9D3F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes."
    },
    {
      "lang": "es",
      "value": "opielogin.c de opielogin de OPIE 2.4.1-test1 y versiones anteriores no comprueba el valor de retorno de la llamada al sistema setuid, lo que permite a usuarios locales escalar privilegios disponiendo de una cuenta que ya est\u00e9 ejecutando su n\u00famero m\u00e1ximo de procesos."
    }
  ],
  "id": "CVE-2011-2490",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-07-27T02:55:02.087",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39966"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45136"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/45448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2011/dsa-2281"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/48390"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://hermes.opensuse.org/messages/10082052"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://hermes.opensuse.org/messages/10082068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39966"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/45448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/06/22/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/06/23/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=698772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzillafiles.novell.org/attachment.cgi?id=435901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://hermes.opensuse.org/messages/10082052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://hermes.opensuse.org/messages/10082068"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.