{ "id": "CVE-2011-1681", "sourceIdentifier": "cve@mitre.org", "published": "2011-04-10T02:55:02.633", "lastModified": "2017-08-17T01:34:19.260", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089." }, { "lang": "es", "value": "vmware-hgfsmounter en VMware Open Virtual Machine Tools (tambi\u00e9n conocido como open-vm-tools) v8.4.2-261024 y anteriores se a\u00f1aden al fichero /etc/mtab sin primero verificar si los l\u00edmites de recursos interfieren, lo que permite a usuarios locales provocar la corrupci\u00f3n de este fichero a trav\u00e9s de un proceso con un valor peque\u00f1o RLIMIT_FSIZE, un asunto relacionado con CVE-2011-1089." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 3.3 }, "baseSeverity": "LOW", "exploitabilityScore": 3.4, "impactScore": 4.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-16" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:vmware:open-vm-tools:*:*:*:*:*:*:*:*", "versionEndIncluding": "8.4.2-261024", "matchCriteriaId": "30920B5D-E4DF-449A-80A9-C72B662E2FE9" } ] } ] } ], "references": [ { "url": "http://openwall.com/lists/oss-security/2011/03/04/10", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/04/11", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/04/12", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/04/9", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/05/3", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/05/7", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/07/9", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/14/16", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/14/5", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/14/7", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/15/6", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/22/4", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/22/6", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/03/31/3", "source": "cve@mitre.org", "tags": [ "Exploit" ] }, { "url": "http://openwall.com/lists/oss-security/2011/03/31/4", "source": "cve@mitre.org" }, { "url": "http://openwall.com/lists/oss-security/2011/04/01/2", "source": "cve@mitre.org" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980", "source": "cve@mitre.org", "tags": [ "Exploit" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66699", "source": "cve@mitre.org" }, { "url": "https://hermes.opensuse.org/messages/8711677", "source": "cve@mitre.org" } ] }