Vulnerability CVE-2014-7206


Published: 2014-10-15

Description:
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.

Vendor: Debian
Product: APT 
Version:
1.0.9.1
1.0.9
1.0.8
0.9.7.9

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.6/10
4.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Partial

 References:
http://www.debian.org/security/2014/dsa-3048
http://www.securityfocus.com/bid/70310
http://www.ubuntu.com/usn/USN-2370-1
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763780
https://exchange.xforce.ibmcloud.com/vulnerabilities/96951

Related CVE
CVE-2012-6639
An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.
CVE-2012-5644
libuser has information disclosure when moving user's home directory
CVE-2011-3632
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
CVE-2011-4350
Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafted URL request.
CVE-2011-3630
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user...
CVE-2011-3631
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a speciall...
CVE-2011-3374
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
CVE-2011-3596
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.

Copyright 2019, cxsecurity.com

 

Back to Top