Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2009-3725 | First vendor Publication | 2009-11-06 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3725 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:18387 | |||
| Oval ID: | oval:org.mitre.oval:def:18387 | ||
| Title: | DSA-2015-1 drbd8 linux-modules-extra-2.6 - privilege escalation | ||
| Description: | A local vulnerability has been discovered in drbd8. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2015-1 CVE-2009-3725 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | drbd8 linux-modules-extra-2.6 |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-03-16 | Name : Debian Security Advisory DSA 2012-1 (linux-2.6) File : nvt/deb_2012_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 59449 | Linux Kernel Connector Netlink Packet Local Privilege Escalation Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when unprivileged users being able to send netlink packets to certain subsystems using connector, which can be exploited to change certain configurations and perform other operations that should not be available to unprivileged users. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-03-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2015.nasl - Type : ACT_GATHER_INFO |
| 2010-03-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2012.nasl - Type : ACT_GATHER_INFO |
| 2009-12-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-869-1.nasl - Type : ACT_GATHER_INFO |
| 2009-12-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-864-1.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:10:02 |
|
| 2024-11-28 12:20:03 |
|
| 2024-08-02 12:12:19 |
|
| 2024-08-02 01:03:21 |
|
| 2024-02-02 01:11:48 |
|
| 2024-02-01 12:03:18 |
|
| 2023-09-05 12:11:02 |
|
| 2023-09-05 01:03:09 |
|
| 2023-09-02 12:11:09 |
|
| 2023-09-02 01:03:11 |
|
| 2023-08-12 12:13:06 |
|
| 2023-08-12 01:03:10 |
|
| 2023-08-11 12:11:11 |
|
| 2023-08-11 01:03:18 |
|
| 2023-08-06 12:10:45 |
|
| 2023-08-06 01:03:12 |
|
| 2023-08-04 12:10:51 |
|
| 2023-08-04 01:03:13 |
|
| 2023-07-14 12:10:47 |
|
| 2023-07-14 01:03:11 |
|
| 2023-03-29 01:12:22 |
|
| 2023-03-28 12:03:17 |
|
| 2022-10-11 12:09:37 |
|
| 2022-10-11 01:03:00 |
|
| 2022-03-11 01:08:02 |
|
| 2021-05-04 12:10:21 |
|
| 2021-04-22 01:10:47 |
|
| 2020-08-11 12:04:35 |
|
| 2020-08-08 01:04:37 |
|
| 2020-08-01 12:04:40 |
|
| 2020-07-30 01:04:47 |
|
| 2020-05-23 01:41:00 |
|
| 2020-05-23 00:24:29 |
|
| 2018-11-30 12:02:58 |
|
| 2018-11-16 21:19:32 |
|
| 2018-10-30 12:03:06 |
|
| 2016-08-05 12:02:15 |
|
| 2016-06-29 00:07:47 |
|
| 2016-06-28 17:52:22 |
|
| 2016-04-26 19:12:47 |
|
| 2014-02-17 10:52:04 |
|
| 2013-05-10 23:59:48 |
|
