Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1496

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2011-1496
Last Modified 06 Sep 2011 11:16:04
Published 18 Apr 2011 02:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-1496

Summary

tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.

Vulnerable Systems

Application

  • Nicholas Marriott Tmux 1.3

  • Nicholas Marriott Tmux 1.4


References

XF - tmux-setgid-privilege-escalation(66693)

VUPEN - ADV-2011-1015

VUPEN - ADV-2011-1002

VUPEN - ADV-2011-0897

BID - 47283

EXPLOIT-DB - 17147

DEBIAN - DSA-2212

SECUNIA - 44239

SECUNIA - 44081

FEDORA - FEDORA-2011-5486

FEDORA - FEDORA-2011-5156

FEDORA - FEDORA-2011-5167


Last Updated: 27 May 2016 10:56:21