Vulnerabilities > CVE-2009-0415 - Unspecified vulnerability in Monkey Trickle 1.07
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN monkey
nessus
Summary
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2009-1694.NASL description New patch for CVE-2009-0415 Fix for #484065 - CVE-2009-0415 trickle: Possibility to load arbitrary code from current working directory Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 36304 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36304 title Fedora 10 : trickle-1.07-7.fc10 (2009-1694) NASL family Fedora Local Security Checks NASL id FEDORA_2009-1675.NASL description New patch for CVE-2009-0415 Fix for #484065 - CVE-2009-0415 trickle: Possibility to load arbitrary code from current working directory Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 35735 published 2009-02-25 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35735 title Fedora 9 : trickle-1.07-7.fc9 (2009-1675)
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513456
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513456
- http://www.openwall.com/lists/oss-security/2009/01/29/5
- http://www.openwall.com/lists/oss-security/2009/01/29/5
- http://www.securityfocus.com/bid/33516
- http://www.securityfocus.com/bid/33516