Vulnerability Details : CVE-2016-20015

In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileges. There is a race condition involving /var/lib/smokeping and chown.
Published 2022-09-20 18:15:10
Updated 2022-09-22 00:19:34
Source MITRE
View at NVD,   CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2016-20015

Probability of exploitation activity in the next 30 days: 0.09%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 36 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-20015

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source
7.5
 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1.6
5.9
 NIST

References for CVE-2016-20015

  • https://bugs.gentoo.org/602652
    602652 – (CVE-2016-20015) net-analyzer/smokeping: root privilege escalation via race condition in init script
    Exploit;Issue Tracking;Third Party Advisory

Products affected by CVE-2016-20015

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close