CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Umich: >> Libgssapi Security Vulnerabilities

CVE-2011-2709

libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.

CVSS Score

6.2

EPSS Score

0.001

Published

2012-06-21

Page 1

Vulnerabilities

Vulnerable Software

Umich: >> Libgssapi Security Vulnerabilities

Products

Pricing

Contact Us