Privilege Escalation Vulnerability in Shrew Soft IKE Products
CVE-2010-3361

Currently unrated

Key Information:

Vendor: Shrew
Status: Vpn Client
Vendor: CVE Published:; 20 October 2010

What is CVE-2010-3361?

The iked, ikea, and ikec scripts in Shrew Soft IKE version 2.1.5 improperly handle the LD_LIBRARY_PATH by allowing a zero-length directory name. This misconfiguration could be exploited by local users, enabling them to execute Trojan horse shared libraries located in the current working directory. This can lead to unauthorized privilege escalation, posing a risk to system security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598292

x_refsource_CONFIRM

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598293

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 20, 2010

JSON

Shrew

What is CVE-2010-3361?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.