Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3977

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2011-3977
Last Modified 13 Feb 2012 11:09:30
Published 04 Oct 2011 06:55:10
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-3977

Summary

Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.x before 3.5.0-5 allows local users to read arbitrary files via unknown vectors.

Vulnerable Systems

Application

  • Nomachine Nx Node 3.0.0

  • Nomachine Nx Node 3.4.0

  • Nomachine Nx Node 3.5.0

  • Nomachine Nx Server 3.0.0

  • Nomachine Nx Server 3.4.0

  • Nomachine Nx Server 3.5.0


References

XF - nxserver-nxconfigure-priv-escalation(69974)

BID - 49720

BUGTRAQ - 20110921 NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux

CONFIRM - http://www.nomachine.com/tr/view.php?id=TR08I02575

SREASON - 8406


Last Updated: 27 May 2016 10:58:14