Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 2.1
CVE Id: CVE-2011-1159
Last Modified: 14 May 2012 12:00:00
Published: 04 Oct 2011 10:56:24
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE

CVE-2011-1159

Summary

acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.

Vulnerable Systems

Application

  • Tedfelix Acpid 1.0.10

  • Tedfelix Acpid 1.0.8

  • Tedfelix Acpid 2.0.0

  • Tedfelix Acpid 2.0.1

  • Tedfelix Acpid 2.0.2

  • Tedfelix Acpid 2.0.3

  • Tedfelix Acpid 2.0.4

  • Tedfelix Acpid 2.0.5

  • Tedfelix Acpid 2.0.7

  • Tedfelix Acpid 2.0.8

  • Tedfelix Acpid 2.06


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=688698

MLIST - [oss-security] 20110315 Re: 2 acpid flaws

MLIST - [oss-security] 20110119 2 acpid flaws

FEDORA - FEDORA-2011-6460

FEDORA - FEDORA-2011-6681

BID - 45915

SECUNIA - 44621

SECUNIA - 42947


Last Updated: 27 May 2016 10:56:12