ElectricCommander 4.2.4.71224 Privilege Escalation

2014.10.24
Credit: Sean Wright
Risk: Medium
Local: Yes
Remote: No
CVE: CVE-2014-7180
CWE: CWE-264


CVSS Base Score: 4.6/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Classification: //Dell SecureWorks/Confidential - Limited External Distribution: ###### # * Title:ElectricCommander Local Privilege Escalation # * Advisory ID:SWRX-2014-010 # * Advisory URL:http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2014-010/ # * Date published:Wednesday, October 22, 2014 # * CVE:CVE-2014-7180 # * CVSS v2 base score:7.2 # * Date of last update:Wednesday, October 22, 2014 # * Vendors contacted:Electric Cloud, Inc. # * Release mode:Coordinated # * Discovered by:Sean Wright, Dell SecureWorks ###### Summary ElectricCommander is a toolset that facilitates remote deployment of environment configurations from a centralized server to attached agents. Due to excessive file system permissions on two Perl source code files, an unprivileged local attacker can modify these files to insert code. The attackers code is then executed as the privileged user running these administrative tools. ---------------------------------------------------------------------------- ------------------------------------------------------------------ Affected products This vulnerability has been confirmed in version 4.2.4.71224 of ElectricCommander. ---------------------------------------------------------------------------- ------------------------------------------------------------------ Vendor information, solutions, and workarounds This vulnerability has been addressed in later versions of the toolset. ElectricCommander users should upgrade to version 4.2.6 (and above) or version 5.0.3 (and above). As an alternate manual workaround, users may set the file permissions to become read-only after installation of the RPM package management system. ---------------------------------------------------------------------------- ------------------------------------------------------------------ Details Multiple commander tools are installed with ElectricCommander, including eccert and ecconfigure. According to Electric Cloud documentation, eccert is a command line tool used to manage the ElectricCommander Certificate Authority and the certificates configured on the ElectricCommander system. ecconfigure is a command line tool that can change the configuration values for any locally installed ElectricCommander server, web, agent, or repository service. Both of these tools involve manipulating write-protected files, so they need to be run as a privileged user. ---------------------------------------------------------------------------- ------------------------------------------------------------------


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top