Executive Summary

Informations
Name CVE-2011-1412 First vendor Publication 2011-08-03
Vendor Cve Last vendor Modification 2018-10-09

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1412

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 2
Application 1

OpenVAS Exploits

Date Description
2012-04-02 Name : Fedora Update for quake3 FEDORA-2011-10039
File : nvt/gb_fedora_2011_10039_quake3_fc16.nasl
2012-03-19 Name : Fedora Update for openarena FEDORA-2011-10039
File : nvt/gb_fedora_2011_10039_openarena_fc16.nasl
2011-08-12 Name : Fedora Update for openarena FEDORA-2011-9774
File : nvt/gb_fedora_2011_9774_openarena_fc15.nasl
2011-08-12 Name : Fedora Update for quake3 FEDORA-2011-9774
File : nvt/gb_fedora_2011_9774_quake3_fc15.nasl
2011-08-12 Name : Fedora Update for openarena FEDORA-2011-9898
File : nvt/gb_fedora_2011_9898_openarena_fc14.nasl
2011-08-12 Name : Fedora Update for quake3 FEDORA-2011-9898
File : nvt/gb_fedora_2011_9898_quake3_fc14.nasl

Nessus® Vulnerability Scanner

Date Description
2017-06-23 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201706-23.nasl - Type : ACT_GATHER_INFO
2011-08-29 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-10039.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-9774.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-9898.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/48915
BUGTRAQ http://www.securityfocus.com/archive/1/519051/100/0/threaded
CONFIRM http://svn.icculus.org/quake3?view=rev&revision=2097
http://thilo.tjps.eu/download/patches/ioq3-svn-r2097.diff
http://worldofpadman.com/website/news/en/article/266/wop-1-5-1-1-hotfix-relea...
https://bugzilla.redhat.com/show_bug.cgi?id=725951
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063460....
FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html
GENTOO https://security.gentoo.org/glsa/201706-23
OSVDB http://www.osvdb.org/74137
SECUNIA http://secunia.com/advisories/45417
http://secunia.com/advisories/45468
SREASON http://securityreason.com/securityalert/8324
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/68869

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2020-05-23 00:28:13
  • Multiple Updates
2018-10-10 00:19:42
  • Multiple Updates
2017-08-17 09:23:26
  • Multiple Updates
2017-07-01 09:23:09
  • Multiple Updates
2017-06-24 13:23:30
  • Multiple Updates
2016-06-28 18:36:37
  • Multiple Updates
2016-04-26 20:40:36
  • Multiple Updates
2014-02-17 11:01:35
  • Multiple Updates
2013-05-10 22:57:58
  • Multiple Updates