CVE-2011-1784Keepalived vulnerability

CWE-2649 documents6 sources
Severity
3.6LOWNVD
EPSS
0.0%
top 85.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
KeepalivedDebian KeepalivedOpenswan
Timeline
PublishedMay 20
Latest updateMay 17

Description

The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files.

CVSS vector

AV:L/AC:L/C:N/I:P/A:PExploitability: 3.9 | Impact: 4.9

Affected Packages4 packages

debiandebian/keepalived< keepalived 1:1.2.2-2 (bookworm)
Debiankeepalived/keepalived< 1:1.2.2-2+3
NVDkeepalived/keepalived1.2.2+56
NVDopenswan/openswan2.2.0, 2.2.1+1

🔴Vulnerability Details

3
GHSA
GHSA-pg35-2558-wrpv: Openswan 22022-05-17
GHSA
GHSA-xjrv-p75r-gqqr: The pidfile_write function in core/pidfile2022-05-17
OSV
CVE-2011-1784: The pidfile_write function in core/pidfile2011-05-20

📋Vendor Advisories

2
Red Hat
openswan: World writable pid and lock files2011-05-11
Debian
CVE-2011-1784: keepalived - The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier use...2011

💬Community

2
Bugzilla
CVE-2011-2147 openswan: World writable pid and lock files2011-05-30
Bugzilla
CVE-2011-1784 keepalived: insecure permissions on pid files2011-05-11
CVE-2011-1784 — Debian Keepalived vulnerability | cvebase