CVE Vulnerabilities

CVE-2011-1056

Published: Feb 21, 2011 | Modified: Jun 20, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.2 MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.

Affected Software

Name Vendor Start Version End Version
Metasploit_framework Metasploit 3.5.1 (including) 3.5.1 (including)

References