CVE-2011-0022
Last modified
CVE-2011-0022 is a vulnerability of currently unknown severity. The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory.. EPSS estimates a 0.29% chance of exploitation in the next 30 days.
Description
The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Fedoraproject | 389 Directory Server | 1.2.1 | — |
| Fedoraproject | 389 Directory Server | 1.2.2 | — |
| Fedoraproject | 389 Directory Server | 1.2.3 | — |
| Fedoraproject | 389 Directory Server | 1.2.5 | — |
| Fedoraproject | 389 Directory Server | 1.2.6 | — |
| Fedoraproject | 389 Directory Server | 1.2.6.1 | — |
| Fedoraproject | 389 Directory Server | 1.2.7 | Alpha3 |
| Fedoraproject | 389 Directory Server | 1.2.7.5 | — |
| Fedoraproject | 389 Directory Server | 1.2.8 | Alpha1 |
| Redhat | Directory Server | 8.2 | — |
| Redhat | Directory Server | 8.2.3 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-0022?
How severe is CVE-2011-0022?
How do I fix CVE-2011-0022?
Are you affected by CVE-2011-0022?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST