Vulnerability CVE-2014-8737


Published: 2014-12-09   Modified: 2017-06-30

Description:
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar.

Vendor: Fedoraproject
Product: Fedora 
Version:
21
20
19
Vendor: GNU
Product: Binutils 
Version: 2.24;
Vendor: Canonical
Product: Ubuntu linux 
Version:
14.10
14.04
12.04
10.04

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.6/10
4.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Partial

 References:
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145256.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145352.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145746.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147346.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147354.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148427.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148438.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:029
http://www.openwall.com/lists/oss-security/2014/11/13/1
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/70908
http://www.ubuntu.com/usn/USN-2496-1
https://bugzilla.redhat.com/show_bug.cgi?id=1162655
https://security.gentoo.org/glsa/201612-24
https://sourceware.org/bugzilla/show_bug.cgi?id=17533
https://sourceware.org/bugzilla/show_bug.cgi?id=17552
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd9b91de2149ee81d47f708e7b0bbf57da10ad42

Related CVE
CVE-2017-10600
ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting image with the uid of the invoking user. When the resulting image is booted, a local attacker with the same uid as the image creator has unintended access to...
CVE-2015-5180
res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).
CVE-2017-8386
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain pr...
CVE-2017-9232
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
CVE-2016-6489
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
CVE-2016-0727
The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users wi...
CVE-2015-8567
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2017-5936
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

Copyright 2017, cxsecurity.com