ID CVE-2011-0022
Summary The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory.
References
Vulnerable Configurations
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:redhat:directory_server:8.2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:directory_server:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:directory_server:8.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:directory_server:8.2.3:*:*:*:*:*:*:*
CVSS
Base: 4.7 (as of 31-03-2011 - 03:28)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:N/I:N/A:C
redhat via4
advisories
rhsa
id RHSA-2011:0293
rpms
  • redhat-ds-admin-0:8.2.1-1.el4dsrv
  • redhat-ds-admin-0:8.2.1-1.el5dsrv
  • redhat-ds-admin-debuginfo-0:8.2.1-1.el4dsrv
  • redhat-ds-admin-debuginfo-0:8.2.1-1.el5dsrv
  • redhat-ds-base-0:8.2.4-1.el4dsrv
  • redhat-ds-base-0:8.2.4-1.el5dsrv
  • redhat-ds-base-debuginfo-0:8.2.4-1.el4dsrv
  • redhat-ds-base-debuginfo-0:8.2.4-1.el5dsrv
  • redhat-ds-base-devel-0:8.2.4-1.el4dsrv
  • redhat-ds-base-devel-0:8.2.4-1.el5dsrv
refmap via4
bid 46489
confirm https://bugzilla.redhat.com/show_bug.cgi?id=671199
sectrack 1025102
Last major update 31-03-2011 - 03:28
Published 23-02-2011 - 19:00
Last modified 31-03-2011 - 03:28
Back to Top