Vulnerabilities > CVE-2011-4141 - Unspecified vulnerability in RSA Securid 4.1/4.1.0.545
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN rsa
nessus
Summary
Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 2 |
Nessus
NASL family | Windows |
NASL id | RSA_SECURID_SOFTWARE_TOKEN_411.NASL |
description | The remote Windows host contains a version of RSA SecurID Software Token 3.0, 4.0, or 4.1 earlier than 4.1.1. As such, it is reportedly affected by an insecure library loading vulnerability. If an attacker can trick a user on the affected system into opening a specially crafted Software Token file, this issue could be leveraged to execute arbitrary code subject to the user |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 57347 |
published | 2011-12-20 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/57347 |
title | RSA SecurID Software Token < 4.1.1 Insecure Library Loading |
code |
|
References
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0089.html
- http://secunia.com/advisories/45665
- http://securitytracker.com/id?1026426
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71833
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0089.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71833
- http://securitytracker.com/id?1026426
- http://secunia.com/advisories/45665