Vulnerability CVE-2011-2467
Published: 2011-07-26   Modified: 2012-02-13

Description:
SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands via unspecified vectors.

CVSS2 => (AV:A/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
6.4/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Likewise -> Likewise open 

 References:
http://www.likewise.com/community/index.php/forums/viewannounce/1212_6/
http://www.securityfocus.com/bid/48816
http://www.ubuntu.com/usn/USN-1171-1
https://bugs.launchpad.net/ubuntu/+source/likewise-open/+bug/802748
https://exchange.xforce.ibmcloud.com/vulnerabilities/68765
https://launchpadlibrarian.net/74204969/LWSA-2011-002.txt
Copyright 2024, cxsecurity.com

 

Back to Top