CVE-2011-1496 - Vulnerability Details - OpenCVE

tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00144.

Key SSVC decision points have not yet been added.

Vendors	Products
Nicholas Marriott Subscribe	Tmux Subscribe

Configuration 1 [-]

OR	cpe:2.3:a:nicholas_marriott:tmux:1.3:::::::*
	cpe:2.3:a:nicholas_marriott:tmux:1.4:::::::*

No data.

No data.

Advisories

Source	ID	Title
Debian DSA	DSA-2212-1	tmux security update
EUVD	EUVD-2011-1499	tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058367.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058452.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058548.html
http://secunia.com/advisories/44081
http://secunia.com/advisories/44239
http://www.debian.org/security/2011/dsa-2212
http://www.exploit-db.com/exploits/17147
http://www.securityfocus.com/bid/47283
http://www.vupen.com/english/advisories/2011/0897
http://www.vupen.com/english/advisories/2011/1002
http://www.vupen.com/english/advisories/2011/1015
https://exchange.xforce.ibmcloud.com/vulnerabilities/66693

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-04-18T18:00:00

Updated: 2024-08-06T22:28:41.659Z

Reserved: 2011-03-21T00:00:00

Link: CVE-2011-1496

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-04-18T18:55:01.077

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-1496

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-04-11T00:00:00", "descriptions": [{"lang": "en", "value": "tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "ADV-2011-1015", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/1015"}, {"name": "44081", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44081"}, {"name": "44239", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44239"}, {"name": "17147", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/17147"}, {"name": "FEDORA-2011-5156", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058452.html"}, {"name": "47283", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/47283"}, {"name": "DSA-2212", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2212"}, {"name": "ADV-2011-0897", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0897"}, {"name": "ADV-2011-1002", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/1002"}, {"name": "FEDORA-2011-5486", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058548.html"}, {"name": "FEDORA-2011-5167", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058367.html"}, {"name": "tmux-setgid-privilege-escalation(66693)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66693"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:28:41.659Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2011-1015", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/1015"}, {"name": "44081", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44081"}, {"name": "44239", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44239"}, {"name": "17147", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/17147"}, {"name": "FEDORA-2011-5156", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058452.html"}, {"name": "47283", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/47283"}, {"name": "DSA-2212", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2212"}, {"name": "ADV-2011-0897", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0897"}, {"name": "ADV-2011-1002", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/1002"}, {"name": "FEDORA-2011-5486", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058548.html"}, {"name": "FEDORA-2011-5167", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058367.html"}, {"name": "tmux-setgid-privilege-escalation(66693)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66693"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1496", "datePublished": "2011-04-18T18:00:00", "dateReserved": "2011-03-21T00:00:00", "dateUpdated": "2024-08-06T22:28:41.659Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nicholas_marriott:tmux:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAD0C107-5CE1-41E1-A736-DD572B2CB855", "vulnerable": true}, {"criteria": "cpe:2.3:a:nicholas_marriott:tmux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "CA068A77-9777-4C3F-BCF7-9AFAEC150176", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option."}, {"lang": "es", "value": "tmux v1.3 y v1.4 no elimina adecuadamente privilegios de grupo, lo que permite a usuarios locales obtener permisos de grupo utmp a trav\u00e9s del nombre del archivo con la opci\u00f3n de l\u00ednea de comando -S."}], "id": "CVE-2011-1496", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-04-18T18:55:01.077", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058367.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058452.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058548.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44081"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44239"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2011/dsa-2212"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/17147"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/47283"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0897"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/1002"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/1015"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66693"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058367.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058452.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058548.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44081"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44239"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2212"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/17147"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/47283"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0897"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/1002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/1015"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66693"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}