Vulnerability CVE-2014-8169


Published: 2015-03-18

Description:
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: Redhat
Product: Enterprise linux server 
Version: 6.0;
Product: Enterprise linux hpc node 
Version: 6.0;
Product: Enterprise linux workstation 
Version: 6.0;
Product: Enterprise linux desktop 
Version: 6.0;
Vendor: Automount project
Product: Automount 
Version: 5.0.8;
Vendor: Novell
Product: Opensuse 
Version: 13.2; 13.1;
Vendor: Opensuse
Product: Opensuse 
Version: 13.2; 13.1;

CVSS2 => (AV:L/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.4/10
6.4/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://lists.opensuse.org/opensuse-updates/2015-03/msg00033.html
http://rhn.redhat.com/errata/RHSA-2015-1344.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/73211
http://www.ubuntu.com/usn/USN-2579-1
https://bugzilla.redhat.com/show_bug.cgi?id=1192565
https://bugzilla.suse.com/show_bug.cgi?id=917977

Related CVE
CVE-2018-20534
There is an illegal address access at src/pool.h (function pool_whatprovides) in libsolv.a in libsolv through 0.7.2 that will cause a denial of service.
CVE-2018-20533
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
CVE-2018-20532
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
CVE-2018-19873
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
CVE-2017-5934
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-12479
A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df.
CVE-2018-12478
A Improper Input Validation vulnerability in Open Build Service allows remote attackers to extract files from the system where the service runs. Affected releases are openSUSE Open Build Service: status of is unknown.
CVE-2018-12477
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versio...

Copyright 2019, cxsecurity.com

 

Back to Top