Vulnerability Name:

CVE-2011-0988 (CCN-66618)

Assigned:2011-04-06
Published:2011-04-06
Updated:2017-08-17
Summary:pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2011-0988

Source: CCN
Type: SA44039
SUSE pure-ftpd Privilege Escalation Vulnerability

Source: SECUNIA
Type: Vendor Advisory
44039

Source: CCN
Type: Novell Web site
Linux Server: SUSE Linux Enterprise Server By Novell

Source: CCN
Type: OSVDB ID: 74998
pure-ftpd for SUSE Linux Enterprise Server OES pure-ftpd Netware Extensions World Writable Folder Weakness Local Privilege Escalation

Source: CCN
Type: BID-47425
SUSE Pure-FTPd Local Insecure File Permissions Vulnerability

Source: XF
Type: UNKNOWN
sles-pureftpd-privilege-escalation(66618)

Source: SUSE
Type: UNKNOWN
SUSE-SU-2011:0306

Source: SUSE
Type: SUSE-SR:2011:007
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:pureftpd:pure-ftpd:1.0.22:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux:10:sp3:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux:10:sp4:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux:11:sp3:desktop:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux:11:sp4:desktop:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:
Definition ID: oval:org.opensuse.security:def:20110988
Class: V
Title: CVE-2011-0988
Last Modified: 2022-05-20
    pureftpd pure-ftpd 1.0.22
    novell suse linux 10 sp3
    novell suse linux 10 sp4
    novell suse linux 11 sp3
    novell suse linux 11 sp4
    suse linux enterprise server 10 sp4
    suse linux enterprise server 10 sp3
    suse linux enterprise desktop 10 sp4