CVE-2014-2581 Information

Description

Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the \Additional options\ line edit.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133898.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/133901.html http://sourceforge.net/projects/smb4k/files/1.1.1/ http://www.openwall.com/lists/oss-security/2014/03/24/1 http://www.openwall.com/lists/oss-security/2014/03/25/5 https://bugs.gentoo.org/505376

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5