ID CVE-2010-2945
Summary The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp.
References
Vulnerable Configurations
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.3.0
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.3.0
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.6
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.6
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.5
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.5
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.4
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.4
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.3
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.3
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.2
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.2
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.1
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.1
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.0
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.2.0
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.1.0
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.1.0
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.0.0
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.0.0
  • cpe:2.3:a:simone_rota:slim_simple_login_manager:1.3.1
    cpe:2.3:a:simone_rota:slim_simple_login_manager:1.3.1
CVSS
Base: 6.9 (as of 31-08-2010 - 12:13)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-13890.NASL
    description update_slim_wmlist RE fix Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 49159
    published 2010-09-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49159
    title Fedora 13 : slim-1.3.2-2.fc13 (2010-13890)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-13897.NASL
    description update_slim_wmlist RE fix Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 49160
    published 2010-09-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49160
    title Fedora 12 : slim-1.3.2-2.fc12 (2010-13897)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-13843.NASL
    description update_slim_wmlist RE fix Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 49158
    published 2010-09-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49158
    title Fedora 14 : slim-1.3.2-2.fc14 (2010-13843)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_68C7187AABD211DF9BE60015587E2CC1.NASL
    description SLiM assigns logged on users a PATH in which the current working directory ('./') is included. This PATH can allow unintentional code execution through planted binaries and has therefore been fixed SLiM version 1.3.2.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 48380
    published 2010-08-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48380
    title FreeBSD : slim -- insecure PATH assignment (68c7187a-abd2-11df-9be6-0015587e2cc1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. Insight Perl Tk Module Source-Navigator Tk Partimage Mlmmj acl Xinit gzip ncompress liblzw splashutils GNU M4 KDE Display Manager GTK+ KGet dvipng Beanstalk Policy Mount pam_krb5 GNU gv LFTP Uzbl Slim Bitdefender Console iputils DVBStreamer Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There are no known workarounds at this time.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 79961
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79961
    title GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010
refmap via4
confirm http://svn.berlios.de/viewvc/slim?view=revision&revision=171
mlist
  • [oss-security] 20100819 CVE Request: SLiM insecure PATH assignment
  • [oss-security] 20100820 Re: CVE Request: SLiM insecure PATH assignment
secunia 41005
Last major update 31-08-2010 - 00:00
Published 30-08-2010 - 16:00
Back to Top