2017-10-16 12:31:07 -04:00
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"data_version": "4.0",
|
|
|
|
|
"data_type": "CVE",
|
|
|
|
|
"data_format": "MITRE",
|
2019-03-18 05:12:18 +00:00
|
|
|
"CVE_data_meta": {
|
|
|
|
|
"ID": "CVE-2011-3378",
|
2023-02-02 18:01:36 +00:00
|
|
|
"ASSIGNER": "secalert@redhat.com",
|
2019-03-18 05:12:18 +00:00
|
|
|
"STATE": "PUBLIC"
|
|
|
|
|
},
|
2023-02-02 18:01:36 +00:00
|
|
|
"description": {
|
|
|
|
|
"description_data": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "eng",
|
|
|
|
|
"value": "CVE-2011-3378 rpm: crashes and overflows on malformed header"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"problemtype": {
|
|
|
|
|
"problemtype_data": [
|
|
|
|
|
{
|
|
|
|
|
"description": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "eng",
|
|
|
|
|
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
|
|
|
|
|
"cweId": "CWE-119"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
2019-03-18 05:12:18 +00:00
|
|
|
"affects": {
|
|
|
|
|
"vendor": {
|
|
|
|
|
"vendor_data": [
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"vendor_name": "Red Hat",
|
2019-03-18 05:12:18 +00:00
|
|
|
"product": {
|
|
|
|
|
"product_data": [
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"product_name": "Red Hat Enterprise Linux 3 Extended Lifecycle Support",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "0:4.2.3-35_nonptl",
|
|
|
|
|
"version_affected": "!"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"product_name": "Red Hat Enterprise Linux 4",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "0:4.3.3-35_nonptl.el4",
|
|
|
|
|
"version_affected": "!"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"product_name": "Red Hat Enterprise Linux 5",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "0:4.4.2.3-22.el5_7.2",
|
|
|
|
|
"version_affected": "!"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"product_name": "Red Hat Enterprise Linux 5.3 Long Life",
|
2019-03-18 05:12:18 +00:00
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"version_value": "0:4.4.2.3-9.el5_3.2",
|
|
|
|
|
"version_affected": "!"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"product_name": "Red Hat Enterprise Linux 6",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "0:4.8.0-16.el6_1.1",
|
|
|
|
|
"version_affected": "!"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"product_name": "Red Hat Enterprise Linux 6.0 EUS - Server Only",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "0:4.8.0-12.el6_0.1",
|
|
|
|
|
"version_affected": "!"
|
2019-03-18 05:12:18 +00:00
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
]
|
2023-02-02 18:01:36 +00:00
|
|
|
}
|
2019-03-18 05:12:18 +00:00
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"references": {
|
|
|
|
|
"reference_data": [
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00000.html",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00000.html"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00002.html",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00002.html"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=11a7e5d95a8ca8c7d4eaff179094afd8bb74fc3f",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=11a7e5d95a8ca8c7d4eaff179094afd8bb74fc3f"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=a48f0e20cbe2ababc88b2fc52fb7a281d6fc1656",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=a48f0e20cbe2ababc88b2fc52fb7a281d6fc1656"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://rpm.org/wiki/Releases/4.9.1.2#Security",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://rpm.org/wiki/Releases/4.9.1.2#Security"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:143",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:143"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://www.openwall.com/lists/oss-security/2011/09/27/3",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://www.openwall.com/lists/oss-security/2011/09/27/3"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2011-1349.html",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://www.redhat.com/support/errata/RHSA-2011-1349.html"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "http://www.ubuntu.com/usn/USN-1695-1",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "http://www.ubuntu.com/usn/USN-1695-1"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "https://access.redhat.com/errata/RHSA-2011:1349",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "https://access.redhat.com/errata/RHSA-2011:1349"
|
2019-03-18 05:12:18 +00:00
|
|
|
},
|
|
|
|
|
{
|
2023-02-02 18:01:36 +00:00
|
|
|
"url": "https://access.redhat.com/security/cve/CVE-2011-3378",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "https://access.redhat.com/security/cve/CVE-2011-3378"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=741606",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=741606"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=741612",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=741612"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"impact": {
|
|
|
|
|
"cvss": [
|
|
|
|
|
{
|
|
|
|
|
"accessComplexity": "HIGH",
|
|
|
|
|
"accessVector": "NETWORK",
|
|
|
|
|
"authentication": "NONE",
|
|
|
|
|
"availabilityImpact": "COMPLETE",
|
|
|
|
|
"availabilityRequirement": "NOT_DEFINED",
|
|
|
|
|
"baseScore": 7.6,
|
|
|
|
|
"collateralDamagePotential": "NOT_DEFINED",
|
|
|
|
|
"confidentialityImpact": "COMPLETE",
|
|
|
|
|
"confidentialityRequirement": "NOT_DEFINED",
|
|
|
|
|
"environmentalScore": 0,
|
|
|
|
|
"exploitability": "NOT_DEFINED",
|
|
|
|
|
"integrityImpact": "COMPLETE",
|
|
|
|
|
"integrityRequirement": "NOT_DEFINED",
|
|
|
|
|
"remediationLevel": "NOT_DEFINED",
|
|
|
|
|
"reportConfidence": "NOT_DEFINED",
|
|
|
|
|
"targetDistribution": "NOT_DEFINED",
|
|
|
|
|
"temporalScore": 0,
|
|
|
|
|
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
|
|
|
|
|
"version": "2.0"
|
2019-03-18 05:12:18 +00:00
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
