| Vulnerability Name: | CVE-2004-1116 (CCN-18149) | ||||||||
| Assigned: | 2004-11-18 | ||||||||
| Published: | 2004-11-18 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2004-1115 Source: MITRE Type: CNA CVE-2004-1116 Source: MITRE Type: CNA CVE-2004-1117 Source: CCN Type: GLSA-200411-26 GIMPS, SETI@home, ChessBrain: Insecure installation Source: GENTOO Type: Patch, Vendor Advisory GLSA-200411-26 Source: CCN Type: OSVDB ID: 11923 GIMPS Insecure File Ownership Local Privilege Escalation Source: CCN Type: OSVDB ID: 11924 SETI@home Insecure File Ownership Local Privilege Escalation Source: CCN Type: OSVDB ID: 11925 ChessBrain Insecure File Ownership Local Privilege Escalation Source: CCN Type: BID-11698 Gentoo GIMPS EBuild Insecure Default Permissions Vulnerability Source: CCN Type: BID-11699 Gentoo SETI@home EBuild Insecure Default Permissions Vulnerability Source: CCN Type: BID-11700 Gentoo ChessBrain EBuild Insecure Default Permissions Vulnerability Source: XF Type: UNKNOWN seti@home-gain-privileges(18149) Source: XF Type: UNKNOWN seti@home-gain-privileges(18149) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||