CVE-2011-2490

OPIE < 2.4.1 - Local Privilege Escalation via setuid Return Value Mismanagement

Title source: llm
STIX 2.1

Description

opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.

References (12)

Core 12
Core References
Exploit, Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/06/23/5
Exploit, Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/06/22/6
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/10082052
Exploit, Patch x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=698772
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2281
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39966
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/10082068
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/48390
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45448
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45136

Scores

EPSS 0.0053
EPSS Percentile 41.3%

Details

CWE
CWE-20
Status published
Products (9)
nrl/opie 2.2
nrl/opie 2.3
nrl/opie 2.4
nrl/opie 2.10
nrl/opie 2.11
nrl/opie 2.21
nrl/opie 2.22
nrl/opie 2.32
nrl/opie < 2.4.1
Published Jul 27, 2011
Tracked Since Feb 18, 2026