Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-2071 | First vendor Publication | 2010-06-16 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 4.6 | Attack Range | Local |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2071 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
| 2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
| 2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
| 2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
| 2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18432 File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl |
| 2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:046 File : nvt/gb_suse_2010_046.nasl |
| 2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14878 File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl |
| 2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14890 File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl |
| 2010-09-10 | Name : Fedora Update for kernel FEDORA-2010-14235 File : nvt/gb_fedora_2010_14235_kernel_fc13.nasl |
| 2010-09-07 | Name : Fedora Update for kernel FEDORA-2010-13903 File : nvt/gb_fedora_2010_13903_kernel_fc12.nasl |
| 2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13058 File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl |
| 2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13110 File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl |
| 2010-08-06 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-966-1 File : nvt/gb_ubuntu_USN_966_1.nasl |
| 2010-08-06 | Name : Fedora Update for kernel FEDORA-2010-11462 File : nvt/gb_fedora_2010_11462_kernel_fc13.nasl |
| 2010-08-06 | Name : Fedora Update for kernel FEDORA-2010-11412 File : nvt/gb_fedora_2010_11412_kernel_fc12.nasl |
| 2010-07-16 | Name : Fedora Update for kernel FEDORA-2010-10880 File : nvt/gb_fedora_2010_10880_kernel_fc12.nasl |
| 2010-07-12 | Name : Fedora Update for kernel FEDORA-2010-10876 File : nvt/gb_fedora_2010_10876_kernel_fc13.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 65535 | Linux Kernel btrfs fs/btrfs/acl.c btrfs_xattr_set_acl Function Arbitrary ACL ... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO |
| 2010-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-966-1.nasl - Type : ACT_GATHER_INFO |
| 2010-07-14 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10880.nasl - Type : ACT_GATHER_INFO |
| 2010-07-09 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10876.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:08:16 |
|
| 2024-11-28 12:22:04 |
|
| 2024-08-02 12:13:48 |
|
| 2024-08-02 01:03:44 |
|
| 2024-02-02 01:13:23 |
|
| 2024-02-01 12:03:40 |
|
| 2023-09-05 12:12:28 |
|
| 2023-09-05 01:03:31 |
|
| 2023-09-02 12:12:31 |
|
| 2023-09-02 01:03:33 |
|
| 2023-08-12 12:14:52 |
|
| 2023-08-12 01:03:32 |
|
| 2023-08-11 12:12:34 |
|
| 2023-08-11 01:03:41 |
|
| 2023-08-06 12:12:05 |
|
| 2023-08-06 01:03:35 |
|
| 2023-08-04 12:12:11 |
|
| 2023-08-04 01:03:35 |
|
| 2023-07-14 12:12:07 |
|
| 2023-07-14 01:03:34 |
|
| 2023-03-29 01:13:52 |
|
| 2023-03-28 12:03:40 |
|
| 2023-02-13 09:29:10 |
|
| 2022-10-11 12:10:48 |
|
| 2022-10-11 01:03:21 |
|
| 2022-03-11 01:09:00 |
|
| 2021-05-04 12:12:12 |
|
| 2021-04-22 01:12:43 |
|
| 2020-08-11 09:22:41 |
|
| 2020-08-08 00:22:44 |
|
| 2020-08-07 09:22:43 |
|
| 2020-08-06 21:23:00 |
|
| 2020-08-01 12:05:13 |
|
| 2020-07-30 01:05:22 |
|
| 2020-05-23 01:42:09 |
|
| 2020-05-23 00:25:53 |
|
| 2019-01-25 12:03:11 |
|
| 2018-11-17 12:01:42 |
|
| 2018-10-30 12:03:24 |
|
| 2016-07-01 11:06:50 |
|
| 2016-06-29 00:13:16 |
|
| 2016-06-28 18:12:43 |
|
| 2016-04-26 19:51:24 |
|
| 2014-02-17 10:55:42 |
|
| 2013-05-10 23:26:02 |
|
