Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2660

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-2660
Last Modified 25 Oct 2011 11:00:03
Published 06 Sep 2011 12:55:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2660

Summary

The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name.

Vulnerable Systems

Operating System

  • Suse Linux Enterprise Desktop 11

Application

  • Suse Vpnc 0.5.1


References

CONFIRM - https://bugzilla.novell.com/708656

CONFIRM - https://bugzilla.novell.com/651577

XF - vpnc-modifyresolvconfsuse-command-execution(69514)

BID - 49391

SUSE - SUSE-SU-2011:0980

SUSE - SUSE-SU-2011:0979


Last Updated: 27 May 2016 10:57:04