admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2002/CVE-2002-11xx/CVE-2002-1160.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

133 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2002-1160",
"sourceIdentifier": "cve@mitre.org",
"published": "2003-02-19T05:00:00.000",
"lastModified": "2016-10-18T02:24:16.047",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto de pam_xauth en Red Hat Linux 7.1 a 8.0 envia MIT-Magic-Cookies a sesiones X nuevas, lo que podr\u00eda permitir a usuarios locales ganar privilegios de root robando las cookies de un fichero .xauth temporal, que es creado con los credenciales del usuario original despues de que root use el comando su"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2
},
"baseSeverity": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4"
}
]
}
]
}
],
"references": [
{
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000693",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=104431622818954&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760",
"source": "cve@mitre.org"
},
{
"url": "http://www.iss.net/security_center/static/11254.php",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/911505",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2003-028.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2003-035.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/6753",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink