CVE-2011-1144

Current Description

The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1072.

Basic Data

Published: March 03, 2011
Last Modified: January 23, 2020
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-59
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:M/Au:N/C:N/I:P/A:P
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: NONE
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 3.3
Severity: LOW
Exploitability Score: 3.4
Impact Score: 4.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
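    | Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
    | 2.3 | Application | Php | Pear | 0.2.2 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 0.9 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 0.10 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 0.11 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 0.90 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.0 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.0.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.2 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.2.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.3 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.3.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.3.3 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.3.3.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.3.4 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.3.5 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.3.6 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.4.0 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.4.0 | rc1 | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.4.0 | rc2 | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.4.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.4.2 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.5.0 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.5.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.6.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | 1.9.1 | * | * | * | * | * | * | * |  |  |  |  |
    | 2.3 | Application | Php | Pear | * | * | * | * | * | * | * | * |  | 1.9.2 |  |  |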

Vulnerable Software List

| Vendor | Product | Versions |
| Php | Pear | *, 0.10, 0.11, 0.2.2, 0.9, 0.90, 1.0, 1.0.1, 1.1, 1.2, 1.2.1, 1.3, 1.3.1, 1.3.3, 1.3.3.1, 1.3.4, 1.3.5, 1.3.6, 1.4.0, 1.4.1, 1.4.2, 1.5.0, 1.5.1, 1.6.1, 1.9.1 |

References

| Name | Source | URL | Tags |
| [oss-security] 20110228 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack |  | http://openwall.com/lists/oss-security/2011/02/28/5 | MLIST |
| [oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack |  | http://openwall.com/lists/oss-security/2011/03/01/4 | MLIST |
| [oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack |  | http://openwall.com/lists/oss-security/2011/03/01/5 | MLIST |
| [oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack |  | http://openwall.com/lists/oss-security/2011/03/01/7 | MLIST |
| [oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack |  | http://openwall.com/lists/oss-security/2011/03/01/8 | MLIST |
| [oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack |  | http://openwall.com/lists/oss-security/2011/03/01/9 | MLIST |
| http://pear.php.net/bugs/bug.php?id=18056 |  | http://pear.php.net/bugs/bug.php?id=18056 | MISC |
| pear-package-symlink(65911) |  | https://exchange.xforce.ibmcloud.com/vulnerabilities/65911 | XF |