2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2011-1835" ,
"sourceIdentifier" : "security@ubuntu.com" ,
"published" : "2014-02-15T14:57:06.330" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T01:27:08.720" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps."
} ,
{
"lang" : "es" ,
"value" : "El proceso de configuraci\u00f3n de directorio privado cifrado en utils/ecryptfs-setup-private en ecryptfs-utils anterior a 90 no asegura debidamente que el archivo passphrase es creado, lo que podr\u00eda permitir a usuarios locales evadir las restricciones de acceso en cierto momento en los pasos de creaci\u00f3n de un nuevo usuario."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:P/A:P" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.4 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "LOCAL" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 3.4 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-255"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "89" ,
"matchCriteriaId" : "A9E226CD-F9E6-4B09-93B9-569D0FBDE943"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:62:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D197F4A3-473A-48FF-9C7F-658C6C1A6447"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:63:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "723E43D2-1130-424E-915E-1A6272FCEB41"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:64:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E01C51EC-BE54-48B9-B9A5-740836C97B01"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:65:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0AFDA6DA-B6D7-4AAC-9288-A6AA459BE69B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:66:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FC251173-56EF-47A9-A119-F9C274BAD2CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:67:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "605ABD47-0352-49ED-A144-7C5696E38C4D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:68:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "93457510-CCBF-4D63-B308-060BBAC06D2F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:69:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F0C9AC87-2A7B-45B5-BE9C-8244B777FAA2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:70:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4FC81566-A73B-463B-86AE-D81B25C5849E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:71:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DD2BA072-A019-42FA-946D-53E01AC034AB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:72:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "77BDB4AC-112A-4CE9-88C7-4DEC352C7766"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:73:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "574C934F-BDE7-4917-B24D-586DF6E148F4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:74:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "74DB67B9-A924-4228-918F-322838B74E48"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:75:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6916E70E-C639-4880-83AC-5A90C589FFDF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:76:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CF0B9852-4258-4963-98C4-7FED40BB0BC9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:77:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A1862F4F-D023-4C9E-B2CD-F6DF282AB351"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:78:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6A905D1F-F329-451E-92E1-E3AEA75000BF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:79:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3CBD61AB-AE3C-4B21-A369-F38ED20489F1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:80:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "06DC6EF5-1192-4186-B99B-9615BF74F7B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:81:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F16E0B1E-C7FA-48D3-ACE1-5CCC4C8E3319"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:82:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6FD6A8D7-2FEE-43B6-A6C2-C18A13A0E870"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:83:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "181A9F89-9B45-4025-BB7F-42B0AF6CB534"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:84:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC38EDAA-BF0C-4BE3-9151-995A329B6653"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:85:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BE16EEF5-2EC2-4D35-8D0A-778E5F647600"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:86:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F7759293-210E-498E-BF9C-E11A748174CE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs-utils:87:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A41D43F-E57C-41CB-A121-D1E3692900B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs_utils:58:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CE9A6D32-8A3D-4A25-BF1E-2ED812539F00"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs_utils:59:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AB9630D3-DE46-4C60-A9B0-57B8B9B3C857"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs_utils:60:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DFE4E253-4CE1-4122-8FFA-974A466D309B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ecryptfs:ecryptfs_utils:61:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "74A6D874-CFFC-49C8-8BB0-DC5DA52E5A16"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html" ,
"source" : "security@ubuntu.com"
} ,
{
"url" : "http://www.ubuntu.com/usn/USN-1188-1" ,
"source" : "security@ubuntu.com"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=729465" ,
"source" : "security@ubuntu.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://launchpad.net/ecryptfs/+download" ,
"source" : "security@ubuntu.com"
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.ubuntu.com/usn/USN-1188-1" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=729465" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://launchpad.net/ecryptfs/+download" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
