Vulnerability CVE-2009-3939 - Russian Vulnerability Scanner Database

Description

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.

Tags · CWE

CWE-732

CAPEC-1

CAPEC-17

CAPEC-60

CAPEC-61

CAPEC-62

CAPEC-122

CAPEC-127

CAPEC-180

CAPEC-206

CAPEC-234

CAPEC-642

Affected products

Aura_application_enablement_servicesAura_communication_managerAura_session_managerAura_sip_enablement_servicesAura_system_managerAura_system_platformVoice_portal

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Timeline

2009-01-01

Published

2009-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: L

Local (L)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: L

Low (L)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.000 · p12

Known exploited (KEV)

No

MITRE ATT&CK

Inferred via CAPEC

T1083File and Directory Discovery

└ via CAPEC-127 · CWE-732

T1134.001Token Impersonation/Theft

└ via CAPEC-60 · CWE-732

T1505.005Terminal Services DLL

└ via CAPEC-642 · CWE-732

T1548Abuse Elevation Control Mechanism

└ via CAPEC-122 · CWE-732

T1550.004Web Session Cookie

└ via CAPEC-60 · CWE-732

T1553.002Code Signing

└ via CAPEC-206 · CWE-732

T1554Compromise Host Software Binary

└ via CAPEC-642 · CWE-732

T1574.005Executable Installer File Permissions Weakness

└ via CAPEC-17 · CWE-732

T1574.010Services File Permissions Weakness

└ via CAPEC-1 · CWE-732

Known exploits — Сканер-ВС

15024

exploitdb · https://www.exploit-db.com/exploits/15024

Enterprise

15150

exploitdb · https://www.exploit-db.com/exploits/15150

Enterprise

15622

exploitdb · https://www.exploit-db.com/exploits/15622

Enterprise

17787

exploitdb · https://www.exploit-db.com/exploits/17787

Enterprise

34987

exploitdb · https://www.exploit-db.com/exploits/34987

Enterprise

Affected software

Product	Vendor	Status
kernel		Tracked
kernel		Tracked
kernel-rt		Tracked
linux		Tracked
linux-2.6		Tracked
linux-2.6		Tracked
linux-2.6.24		Tracked
aura_application_enablement_services	*	Tracked
aura_communication_manager	*	Tracked
aura_session_manager	*	Tracked
aura_sip_enablement_services	*	Tracked
aura_system_manager	*	Tracked
aura_system_platform	*	Tracked
debian_linux	*	Tracked
enterprise_linux_desktop	*	Tracked
enterprise_linux_eus	*	Tracked
enterprise_linux_server	*	Tracked
enterprise_linux_workstation	*	Tracked
linux_enterprise_desktop	*	Tracked
linux_enterprise_server	*	Tracked

Source databases

DEB

CVE

RED

UBU

Related vulnerabilities

BDU:2015-05250 BDU:2015-05251

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows loc…