Vulnerability CVE-2004-2778
Published: 2017-06-27

Description:
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands.

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.6/10
4.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Gentoo -> Portage 

 References:
http://www.openwall.com/lists/oss-security/2017/01/28/7
https://bugs.gentoo.org/show_bug.cgi?id=141619
https://bugs.gentoo.org/show_bug.cgi?id=396153
https://bugs.gentoo.org/show_bug.cgi?id=58611
https://bugs.gentoo.org/show_bug.cgi?id=607426
https://bugs.gentoo.org/show_bug.cgi?id=607430
Copyright 2024, cxsecurity.com

 

Back to Top