CVE-2001-0912 — Mandrake Linux vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 85.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Linux

Timeline

PublishedNov 30

Latest updateApr 30

Description

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmandrakesoft/mandrake_linux8.1

Patches

Patch: www.linux-mandrake.com ↗Patch: www.linux-mandrake.com ↗

🔴Vulnerability Details

GHSA

GHSA-p8r4-m7pr-52qm: Packaging error for expect 8↗2022-04-30

▶

CVEList

CVE-2001-0912: Packaging error for expect 8↗2002-06-25

▶