CVE-2011-3337 — MEDIUM (6.9)

Vulnerability Description

eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/.

CVSS Score

6.9

MEDIUM

AV:L/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Eeye	Digital Security Audits	2406
Eeye	Retina Network Security Scanner	All versions
Hp	Hp-Ux	All versions
Sgi	Irix	All versions
Sun	Sunos	All versions

Related Weaknesses (CWE)

CWE-264

References

http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL201Vendor Advisory
http://www.kb.cert.org/vuls/id/448051US Government Resource
http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL201Vendor Advisory
http://www.kb.cert.org/vuls/id/448051US Government Resource

FAQ

What is CVE-2011-3337?

CVE-2011-3337 is a vulnerability with a CVSS score of 6.9 (MEDIUM). eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gaunt...

How severe is CVE-2011-3337?

CVE-2011-3337 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-3337?

Check the references section above for vendor advisories and patch information. Affected products include: Eeye Digital Security Audits, Eeye Retina Network Security Scanner, Hp Hp-Ux, Sgi Irix, Sun Sunos.