NVD Vulnerability Detail

CVE-2011-2467

Summary	SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands via unspecified vectors.
Publication Date	July 27, 2011, 11:55 a.m.
Registration Date	Jan. 28, 2021, 4:38 p.m.
Last Update	Nov. 21, 2024, 10:28 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:likewise:likewise_open:5.4:::::::*
cpe:2.3:a:likewise:likewise_open:6.0::enterprise:::::
cpe:2.3:a:likewise:likewise_open:6.1:::::::*
cpe:2.3:a:likewise:likewise_open:6.0:::::::*

Related information, measures and tools

No	URL	タグ
1	http://secunia.com/advisories/45276	Vendor Advisory
2	http://secunia.com/advisories/45326	Vendor Advisory
3	http://www.likewise.com/community/index.php/forums/viewannounce/1212_6/	Vendor Advisory
4	http://www.securityfocus.com/bid/48816
5	http://www.ubuntu.com/usn/USN-1171-1
6	https://bugs.launchpad.net/ubuntu/+source/likewise-open/+bug/802748
7	https://exchange.xforce.ibmcloud.com/vulnerabilities/68765
8	https://launchpadlibrarian.net/74204969/LWSA-2011-002.txt
9	http://secunia.com/advisories/45276	Vendor Advisory
10	https://launchpadlibrarian.net/74204969/LWSA-2011-002.txt
11	https://exchange.xforce.ibmcloud.com/vulnerabilities/68765
12	https://bugs.launchpad.net/ubuntu/+source/likewise-open/+bug/802748
13	http://www.ubuntu.com/usn/USN-1171-1
14	http://www.securityfocus.com/bid/48816
15	http://www.likewise.com/community/index.php/forums/viewannounce/1212_6/	Vendor Advisory
16	http://secunia.com/advisories/45326	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-89	SQLインジェクション	https://cwe.mitre.org/data/definitions/89.html

JVN Vulnerability Information

Likewise Open および Likewise Enterprise の lsassd における SQL インジェクションの脆弱性

Title	Likewise Open および Likewise Enterprise の lsassd における SQL インジェクションの脆弱性
Summary	Likewise Open および Likewise Enterprise の Likewise Security Authority の Lsass の lsassd には、SQL インジェクションの脆弱性が存在します。
Possible impacts	ローカルユーザにより、任意の SQL コマンドを実行される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	July 26, 2011, midnight
Registration Date	March 27, 2012, 6:43 p.m.
Last Update	March 27, 2012, 6:43 p.m.

Affected System

likewise

likewise open 5.4 から 6.1 および Enterprise 6.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-2467	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2467
National Vulnerability Database (NVD)
2	CVE-2011-2467	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2467

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-89	https://jvndb.jvn.jp/ja/cwe/CWE-89.html

ベンダー情報

No	Name	URL
likewise
1	Top Page	http://www.likewise.com/

Change Log

No	Changed Details	Date of change
0	[2012年03月27日] 掲載	Feb. 17, 2018, 10:37 a.m.