CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-4176

plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.5%

CVSS Severity

CVSS v2 Score 4.0

References

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051755.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051418.html
http://secunia.com/advisories/42342
http://secunia.com/advisories/42451
http://www.securityfocus.com/bid/45046
http://www.vupen.com/english/advisories/2010/3062
http://www.vupen.com/english/advisories/2010/3110
https://bugzilla.redhat.com/show_bug.cgi?id=654489
https://bugzilla.redhat.com/show_bug.cgi?id=654935
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051755.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051418.html
http://secunia.com/advisories/42342
http://secunia.com/advisories/42451
http://www.securityfocus.com/bid/45046
http://www.vupen.com/english/advisories/2010/3062
http://www.vupen.com/english/advisories/2010/3110
https://bugzilla.redhat.com/show_bug.cgi?id=654489
https://bugzilla.redhat.com/show_bug.cgi?id=654935

Products affected by CVE-2010-4176

Dracut Project » Dracut » Version: N/A

cpe:2.3:a:dracut_project:dracut:-
Udev Project » Udev » Version: N/A

cpe:2.3:a:udev_project:udev:-
Fedoraproject » Fedora » Version: 13

cpe:2.3:o:fedoraproject:fedora:13
Fedoraproject » Fedora » Version: 14

cpe:2.3:o:fedoraproject:fedora:14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-4176

Products

Pricing

Contact Us