CVE-2011-4114

{"id": "CVE-2011-4114", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-01-13T18:55:03.843", "references": [{"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071091.html", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071099.html", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2011/11/04/2", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2011/11/04/4", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=753955", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://rt.cpan.org/Public/Bug/Display.html?id=69560", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071091.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071099.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2011/11/04/2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2011/11/04/4", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=753955", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://rt.cpan.org/Public/Bug/Display.html?id=69560", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE: a similar vulnerability was reported for PAR, but this has been assigned a different CVE identifier."}, {"lang": "es", "value": "La funci\u00f3n par_mktmpdir en el m\u00f3dulo PAR:: Packer anterior a v1.012 para Perl crea archivos temporales en un directorio con un nombre predecible sin verificar el propietario y los permisos de este directorio, permitiendo a usuarios locales sobrescribir archivos cuando otro usuario extrae un programa PAR. NOTA: Existe una vulnerabilidad similar reportada para AR, pero este se le ha asignado un identificador CVE diferente."}], "lastModified": "2024-11-21T01:31:52.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB41DF48-531D-4FB6-9C74-0AAA1E95D16C", "versionEndIncluding": "1.011"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.63:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC70F665-9D6A-47B1-AA49-B5B9CC0182A2"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B8A7465-86BF-48E5-AF8A-4B92F963F5A1"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.65:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA7B3AE4-48D0-4118-A961-DD15D09C8515"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.66:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49135C1F-8575-4C04-9A45-631D10A566DA"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.67:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0E69095-C3A3-43F8-B336-5AAEDA3D0CAB"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.68:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EC70EF9-484C-4F3F-AF73-2298755A5735"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.69:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32A03C12-9C9C-4F65-A352-590E596C0D26"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.70:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E666345-03AD-4633-800E-66487FD84586"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.71:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3960DE5E-F395-4890-9BBD-14F6C782D47E"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.72:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C6FC46E-45E9-4566-B935-5B16CFD8E6B1"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.73:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C67B03C1-0C41-4945-A0EB-EED9399D3303"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.74:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC1EE1EE-758E-48FD-A38D-5FEE6E37D126"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.75:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4260201-9C67-428A-86CF-1AB0A5ED1E06"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.76:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D5FD34A-772E-4CF4-848F-966730B957C4"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.77:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4584C7C-703E-491D-B65B-81B2D819BF42"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.78:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAD20A82-A907-4134-B35B-9F65A6001567"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.79:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "286B0293-47A9-4E66-A37B-4B6A7EDE397C"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.80:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F0B1CF0-BC09-4E42-B995-8473DAD2B867"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.81:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D531B26-0515-4D53-AE15-933C4D8018DC"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.82:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCD8E33B-22DF-4AC3-89FD-BE904B207DD1"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.83:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7ED4A6E-790F-4796-9ECB-3E295D8673D8"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.85:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A1D9E5A-91AA-4FD1-B2CC-0B4B605F0297"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.86:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A12E0B35-F40C-4330-9F31-60858B23D246"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.87:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D4C549D-99C8-489F-8E14-EB116CCB0E4D"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.88:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63A31388-F7C1-42A6-8170-30679B7C6591"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.89:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6464AB0-A14E-466C-8B2E-70395E7F704C"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.90:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "428490C9-7F5F-4093-907C-0077C9115F99"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.91:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2510979-6A83-4DC3-8DDA-146381D0817B"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.92:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31D6BA88-6B64-4563-9CCE-A56C79F8AFD8"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.93:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2914A659-7E75-48E8-A862-D9758DD15618"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.94:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99AA88A5-8D03-4D9E-BD0F-4690B3CA568A"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.941:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8693340-8DDA-4808-9B43-CBD517B557EA"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.942:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F88E15EE-D860-42AE-858E-CE3108521CB7"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.951:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "695722EB-4601-43C9-8138-833192A532A5"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.952:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51434A46-AB3F-459B-A63C-BA97F40D7721"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.953:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2409D08-09C9-4B6D-8E0F-3A1AAF19F045"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.954:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9069FB40-16AF-4B4C-A99F-6E2A4DAFF8D8"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.955:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9C07A3E-2BB9-442A-9F03-526334E7AF19"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.956:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "030ECADE-8F21-43B1-8829-706A37A74F3B"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.957:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF08AB04-B311-4A4B-9820-C0426BC16349"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.958:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0506BA14-7083-46DE-BCDC-F5F476EF1EA9"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.959:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ACD0740-F4E0-43B8-BECF-F9FD85718400"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.960:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F3B0C30-77FB-4879-8AC9-562CFD455127"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.970:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61113B30-ACC6-47BF-BE54-44D22641CCC1"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.973:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD63D593-F47F-4026-948B-59EA0786F4B4"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.975:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7FF4B64-1C13-4C82-A0D4-5080568E46F6"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.976:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EA2D91F-2447-471F-815C-48A9CBFCE408"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.977:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AFD1F5B-98FF-48C7-9DA5-8ABF3C2D9023"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.978:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A65BB703-8B37-4F33-869A-A2DE14467D55"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.979:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3494B14B-94BF-4930-AD1F-F99F3893411F"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.980:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB1E9FD6-909B-4AAF-AD74-C74338BA5B90"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.981:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A1E41AB-205A-499C-8564-0E12C8DC71D3"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.982:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4635EBCB-6169-4491-B5B2-8EC8FEE50DF4"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.991:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6951073E-3258-4E8B-8030-525172B9E368"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.992_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB0A92A6-EB05-49C4-B69D-7508AC339370"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.992_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A916E81B-956E-40C2-A677-34D72F88A862"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.992_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "904880F0-4BE6-4176-958D-6DCECA7F1124"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.992_04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F2372C0-39E5-4D35-97F3-995E58387F4D"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.992_05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C012D7B-7D87-49BA-A0F0-A0488DF3212B"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:0.992_06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE72E480-CEB6-4070-852C-AA22AECF324D"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E09C8F04-E4A2-4319-9A57-678C47B96C0F"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C243E53F-165A-49CB-AA05-E4AA13FA3193"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B309A147-81E3-4E10-A0A5-2656AF1BB0BC"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "621C14BF-1F40-4DEF-8B5C-7EF13C6D0AEC"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.004:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C464D7EA-63A3-4E82-AE07-89AE98942982"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB3E3486-03C6-4500-92CE-ECF4587B46D3"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6CC9661-92A8-4601-816E-8BABB7769B5F"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.007:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F07C7480-83C7-4F0D-AD60-C1638EE148DD"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.008:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DD8714A-87EF-4B6A-8220-FACA964EC2AF"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.009:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1BD8106-4E88-4065-B643-69A9A60977B3"}, {"criteria": "cpe:2.3:a:roderich_schupp:par-packer_module:1.010:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B97DCC8-E95F-456B-9317-3005901827A9"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}