- Vulnerability Report - Ubuntu (and underlying architecture) PrivEsc Vulnerability - All Current Releases - v0.9
- Overall Rating: Medium
- CVSSv2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
- CVSSv2 Score: 6.8
- Vulnerability Type: Local Privilege Escalation
- The default configuration in Ubuntu 14.04.2LTS and earlier allows a user, given a specially crafted sequence of commands as a standard user, the ability to perform arbitrary command execution as a system user.
- It was found through investigating the account management and security aspects of the Ubuntu 14.04.2LTS operating system, and the underlying kernel, that there was a significant flaw in the application of access restrictions to perform commands as a privileged user.
- This configuration could be exploited severely damage the confidentiality, integrity, and availability of data held within the system.
- The prerequisites for exploiting this vulnerability did mitigate some of the risk, however it is insufficient given the potential impact to a system should an in-the-wild payload be created.
- In order for this vulnerability to be realised, the following (default) conditions must be met:
- • An account with system privileges must exist:
- o The standard account under which the user is authenticated must be in the sudoers group
- o Or the root user must be enabled
- • A simple string set by the user, generally during initial configuration of the operating system or user account, must be known
- o This string is arbitrary but is usually relatively short
- o There are known common and default values for this string
- o By default there is no policy for having a strong, secure string
- o A previous vulnerability in Ubuntu has been discovered allowing for the brute forcing of this string
- It has been discovered that in the event certain conditions are met, remote exploitation of this vulnerability may be possible.
- Common services such as telnet, SSH and FTP may allow for remote exploitation, as if misconfigured these will allow for a separate remote command execution vulnerability, which can be used in conjuncture with this vulnerability.
- This increases the risk and therefore the CVSSv2 Scores have been recalculated accordingly:
- Overall Rating: Critical
- CVSSv2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
- CVSSv2 Score: 9
- Vulnerability Type: Remote Command Execution and Privilege Escalation
- NOTE: Due to the nature of this vulnerability the exact string has not been publicly disclosed but is available upon request for legitimate mitigation attempts
Vulnerability Report - Ubuntu (and underlying architecture)
a guest Jul 16th, 2015 703 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
RAW Paste Data