[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2015-3248

Date: (C)2017-09-27   (M)2017-10-10
 
CVSS Score: 4.7Access Vector: LOCAL
Exploitability Subscore: 3.4Access Complexity: MEDIUM
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE











openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service (disk consumption).

Reference:
FEDORA-2015-10944
http://openhpi.org/Changelogs/3.6.0
https://bugzilla.redhat.com/show_bug.cgi?id=1233521

CWE    1
CWE-400
OVAL    4
oval:org.secpod.oval:def:204188
oval:org.secpod.oval:def:501699
oval:org.secpod.oval:def:1501234
oval:org.secpod.oval:def:109576
...

© 2013 SecPod Technologies