CVE-2011-5271
published 2019-11-12CVE-2011-5271: Pacemaker before 1.1.6 configure script creates temporary files insecurely
PriorityP420medium5.5CVSS 3.1
AVLACLPRNUIRSUCNIHAN
EPSS
0.49%
38.4th percentile
Pacemaker before 1.1.6 configure script creates temporary files insecurely
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clusterlabs | pacemaker | < 1.1.6 | 1.1.6 |
| clusterlabs | pacemaker | >= 0 < 1.1.6-1 | 1.1.6-1 |
| clusterlabs | pacemaker | >= 0 < 1.1.6-1 | 1.1.6-1 |
| clusterlabs | pacemaker | >= 0 < 1.1.6-1 | 1.1.6-1 |
| clusterlabs | pacemaker | >= 0 < 1.1.6-1 | 1.1.6-1 |
| debian | pacemaker | < pacemaker 1.1.6-1 (bookworm) | pacemaker 1.1.6-1 (bookworm) |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvdv2.03.3LOWAV:L/AC:M/Au:N/C:N/I:P/A:P
osv5.5MEDIUM
vendor_debian5.5LOW
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-363q-54cj-prgf: Pacemaker before 1
ghsa_unreviewed·2022-04-23
CVE-2011-5271 [MEDIUM] CWE-59 GHSA-363q-54cj-prgf: Pacemaker before 1
Pacemaker before 1.1.6 configure script creates temporary files insecurely
OSV
CVE-2011-5271: Pacemaker before 1
osv·2019-11-12·CVSS 5.5
CVE-2011-5271 [MEDIUM] CVE-2011-5271: Pacemaker before 1
Pacemaker before 1.1.6 configure script creates temporary files insecurely
Debian
CVE-2011-5271: pacemaker - Pacemaker before 1.1.6 configure script creates temporary files insecurely
vendor_debian·2011·CVSS 5.5
CVE-2011-5271 [MEDIUM] CVE-2011-5271: pacemaker - Pacemaker before 1.1.6 configure script creates temporary files insecurely
Pacemaker before 1.1.6 configure script creates temporary files insecurely
Scope: local
bookworm: resolved (fixed in 1.1.6-1)
bullseye: resolved (fixed in 1.1.6-1)
forky: resolved (fixed in 1.1.6-1)
sid: resolved (fixed in 1.1.6-1)
trixie: resolved (fixed in 1.1.6-1)
Red Hat
CVE-2011-5271: Pacemaker before 1
vendor_redhat·CVSS 5.5
CVE-2011-5271 [MEDIUM] CVE-2011-5271: Pacemaker before 1
Pacemaker before 1.1.6 configure script creates temporary files insecurely
Statement: Not vulnerable. This issue did not affect the pacemaker packages shipped by Red Hat as the packages are not built in the /tmp/ directory.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.openwall.com/lists/oss-security/2014/02/11/1http://www.securityfocus.com/bid/65472https://exchange.xforce.ibmcloud.com/vulnerabilities/91120https://security-tracker.debian.org/tracker/CVE-2011-5271http://www.openwall.com/lists/oss-security/2014/02/11/1http://www.securityfocus.com/bid/65472https://exchange.xforce.ibmcloud.com/vulnerabilities/91120https://security-tracker.debian.org/tracker/CVE-2011-5271
2019-11-12
Published