CVE-2011-3337

Severity Score

6.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/.

eEye Audit ID 2499 en eEye Digital Security Audits 2406 hasta 2423 para eEye Retina Network Security Scanner en HP-UX, IRIX, y Solaris, permite a usuarios locales ganar privilegios a través de un caballo de troya en un directorio de su elección bajo /usr/local/.

*Credits: N/A

CVSS Scores

NISTv2 6.9

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-08-29 CVE Reserved
2012-01-04 CVE Published
2023-03-08 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (2)

URL	Tag	Source
http://www.kb.cert.org/vuls/id/448051	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108	2012-01-04

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Eeye Search vendor "Eeye"	Digital Security Audits Search vendor "Eeye" for product "Digital Security Audits"	2406 Search vendor "Eeye" for product "Digital Security Audits" and version "2406"	-	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Eeye Search vendor "Eeye"	Digital Security Audits Search vendor "Eeye" for product "Digital Security Audits"	2406 Search vendor "Eeye" for product "Digital Security Audits" and version "2406"	-	Affected	in	Sgi Search vendor "Sgi"	Irix Search vendor "Sgi" for product "Irix"	*	-	Safe
Eeye Search vendor "Eeye"	Digital Security Audits Search vendor "Eeye" for product "Digital Security Audits"	2406 Search vendor "Eeye" for product "Digital Security Audits" and version "2406"	-	Affected	in	Sun Search vendor "Sun"	Sunos Search vendor "Sun" for product "Sunos"	*	-	Safe
Eeye Search vendor "Eeye"	Digital Security Audits Search vendor "Eeye" for product "Digital Security Audits"	2423 Search vendor "Eeye" for product "Digital Security Audits" and version "2423"	-	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Eeye Search vendor "Eeye"	Digital Security Audits Search vendor "Eeye" for product "Digital Security Audits"	2423 Search vendor "Eeye" for product "Digital Security Audits" and version "2423"	-	Affected	in	Sgi Search vendor "Sgi"	Irix Search vendor "Sgi" for product "Irix"	*	-	Safe
Eeye Search vendor "Eeye"	Digital Security Audits Search vendor "Eeye" for product "Digital Security Audits"	2423 Search vendor "Eeye" for product "Digital Security Audits" and version "2423"	-	Affected	in	Sun Search vendor "Sun"	Sunos Search vendor "Sun" for product "Sunos"	*	-	Safe
Eeye Search vendor "Eeye"	Retina Network Security Scanner Search vendor "Eeye" for product "Retina Network Security Scanner"	*	-	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Eeye Search vendor "Eeye"	Retina Network Security Scanner Search vendor "Eeye" for product "Retina Network Security Scanner"	*	-	Affected	in	Sgi Search vendor "Sgi"	Irix Search vendor "Sgi" for product "Irix"	*	-	Safe
Eeye Search vendor "Eeye"	Retina Network Security Scanner Search vendor "Eeye" for product "Retina Network Security Scanner"	*	-	Affected	in	Sun Search vendor "Sun"	Sunos Search vendor "Sun" for product "Sunos"	*	-	Safe