CVE-2001-1384

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2001-1384
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://www.linuxsecurity.com/advisories/other_advisory-1650.html Patch Vendor Advisory
http://www.iss.net/security_center/static/7311.php Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2001-129.html
http://www.redhat.com/support/errata/RHSA-2001-130.html
http://www.novell.com/linux/security/advisories/2001_036_kernel_txt.html
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-035-01
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-036.0.txt
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-079.php3
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3
http://online.securityfocus.com/advisories/3713
http://www.securityfocus.com/bid/3447
http://marc.info/?l=bugtraq&m=100350685431610&w=2
http://marc.info/?l=bugtraq&m=100343090106914&w=2
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.9:*:*:*:*:*:*:*
Information

Published : 2001-10-17 21:00

Updated : 2016-10-17 19:14

NVD link : CVE-2001-1384

Mitre link : CVE-2001-1384

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

linux

  • linux_kernel