Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0995

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2011-0995
Last Modified 26 May 2011 12:00:00
Published 13 May 2011 01:05:41
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-0995

Summary

The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

Vulnerable Systems

Operating System

  • Novell Suse Linux Enterprise 11

Application

  • Rubyforge Rubygem-sqlite3 1.2.0

  • Rubyforge Rubygem-sqlite3 1.2.1

  • Rubyforge Rubygem-sqlite3 1.2.2

  • Rubyforge Rubygem-sqlite3 1.2.3


References

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=685928

XF - sqlite3ruby-file-overwrite(67263)

BID - 47694

OSVDB - 72180

CONFIRM - http://support.novell.com/security/cve/CVE-2011-0995.html

SECUNIA - 44418


Last Updated: 27 May 2016 10:56:07