Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.4
CVSSv2

CVE-2011-2777

Published: 29/08/2012 Updated: 20/12/2012
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
VMScore: 445
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Acpid2

Vulnerability Summary

samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and previous versions uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DBUS_SESSION_BUS_ADDRESS environment variable containing commands.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tedfelix acpid2 2.0.14

tedfelix acpid2

tedfelix acpid2 2.0.8

tedfelix acpid2 2.0.2

tedfelix acpid2 2.0.13

tedfelix acpid2 2.0.15

tedfelix acpid2 2.0.0

tedfelix acpid2 2.0.9

tedfelix acpid2 2.0.3

tedfelix acpid2 2.0.1

tedfelix acpid2 2.0.10

tedfelix acpid2 2.0.7

tedfelix acpid2 2.0.6

tedfelix acpid2 2.0.11

tedfelix acpid2 2.0.12

tedfelix acpid2 2.0.5

tedfelix acpid2 2.0.4

Vendor Advisories

Ubuntu Security Notice: acpid vulnerabilities
Several security issues were fixed in acpid ...
Debian Security Advisories: DSA-2362-1 acpid -- several vulnerabilities
Multiple vulnerabilities were found in the ACPI Daemon, the Advanced Configuration and Power Interface event daemon: CVE-2011-1159 Vasiliy Kulikov of OpenWall discovered that the socket handling is vulnerable to denial of service CVE-2011-2777 Oliver-Tobias Ripka discovered that incorrect process handling in the Debian-specific po ...

Exploits

Exploit DB: Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Boundary Crossing Privilege Escalation
# Exploit Title: Acpid Privilege Boundary Crossing Vulnerability # Google Dork: # Date: 23-11-2011 # Author: otr # Software Link: launchpadnet/ubuntu/+source/acpid # Version: 1:2010-1ubuntu2 # Tested on: Ubuntu 1110, Ubuntu 1104 # CVE : CVE-2011-2777 # -- # Safeguard this letter, it may be an IMPORTANT DOCUMENT #!/bin/bash # # otr # ...
Exploit DB: Acpid Privilege Boundary Crossing
Local proof of concept exploit that demonstrates a privilege boundary crossing vulnerability in acpid Written to work on Ubuntu 1110 and 1104 ...

References

CWE-264https://bugs.launchpad.net/ubuntu/+source/acpid/+bug/893821https://usn.ubuntu.com/1296-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/18228/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook