CVE Vulnerabilities

CVE-2001-1374

Published: Jul 19, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

Affected Software

Name Vendor Start Version End Version
Expect Don_libes 0 0
Expect Don_libes 1 1
Expect Don_libes 2 2
Expect Don_libes 3 3
Expect Don_libes 4 4
Expect Don_libes 5.0 5.0
Expect Don_libes 5.1 5.1
Expect Don_libes 5.2 5.2
Expect Don_libes 5.3 5.3
Expect Don_libes 5.4 5.4
Expect Don_libes 5.5 5.5
Expect Don_libes 5.6 5.6
Expect Don_libes 5.7 5.7
Expect Don_libes 5.8 5.8
Expect Don_libes 5.9 5.9
Expect Don_libes 5.10 5.10
Expect Don_libes 5.11 5.11
Expect Don_libes 5.12 5.12
Expect Don_libes 5.13 5.13
Expect Don_libes 5.14 5.14
Expect Don_libes 5.15 5.15
Expect Don_libes 5.16 5.16
Expect Don_libes 5.17 5.17
Expect Don_libes 5.18 5.18
Expect Don_libes 5.19 5.19
Expect Don_libes 5.20 5.20
Expect Don_libes 5.21 5.21
Expect Don_libes 5.22 5.22
Expect Don_libes 5.23 5.23
Expect Don_libes 5.24 5.24
Expect Don_libes 5.25 5.25
Expect Don_libes 5.26 5.26
Expect Don_libes 5.27 5.27
Expect Don_libes 5.28 5.28
Expect Don_libes 5.29 5.29
Expect Don_libes 5.30 5.30
Expect Don_libes 5.31 5.31
Linux Conectiva 6.0 6.0
Linux Conectiva 7.0 7.0

References