8.8

CVE-2018-10900

Exploit
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeNetwork Manager Vpnc Version < 1.2.6
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.06% 0.912
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
secalert@redhat.com 8.8 2 6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

https://bugzilla.novell.com/show_bug.cgi?id=1101147
Third Party Advisory
Exploit
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10900
Patch
Third Party Advisory
Issue Tracking
https://download.gnome.org/sources/NetworkManager-vpnc/1.2/NetworkManager-vpnc-1.2.6.news
Third Party Advisory
Vendor Advisory
https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4
Patch
Third Party Advisory
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00048.html
Third Party Advisory
https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc
Third Party Advisory
Exploit
https://security.gentoo.org/glsa/201808-03
Third Party Advisory
https://www.debian.org/security/2018/dsa-4253
Third Party Advisory
https://www.exploit-db.com/exploits/45313/
Third Party Advisory
Exploit
VDB Entry