Vulnerability Details : CVE-2014-0476
Public exploit exists!
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
Vulnerability category: Input validationExecute code
Products affected by CVE-2014-0476
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:lts:*:*:*:*:*
- cpe:2.3:a:chkrootkit:chkrootkit:*:*:*:*:*:*:*:*
Threat overview for CVE-2014-0476
Top countries where our scanners detected CVE-2014-0476
Top open port discovered on systems with this issue
8200
IPs affected by CVE-2014-0476 2,372
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-0476!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-0476
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 38 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-0476
-
Chkrootkit Local Privilege Escalation
Disclosure Date: 2014-06-04First seen: 2020-04-26exploit/unix/local/chkrootkitChkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privilege escalation. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default. Authors: - Thomas Stangner - Julie
CVSS scores for CVE-2014-0476
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.7
|
LOW | AV:L/AC:H/Au:N/C:P/I:P/A:P |
1.9
|
6.4
|
NIST |
CWE ids for CVE-2014-0476
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0476
-
http://www.debian.org/security/2014/dsa-2945
Debian -- Security Information -- DSA-2945-1 chkrootkit
-
http://www.chkrootkit.org/
chkrootkit -- locally checks for signs of a rootkitVendor Advisory
-
http://osvdb.org/show/osvdb/107710
-
http://packetstormsecurity.com/files/134484/Chkrootkit-Local-Privilege-Escalation.html
Chkrootkit Local Privilege Escalation ≈ Packet Storm
-
https://security.gentoo.org/glsa/201709-05
chkrootkit: Local privilege escalation (GLSA 201709-05) — Gentoo security
-
http://www.ubuntu.com/usn/USN-2230-1
USN-2230-1: chkrootkit vulnerability | Ubuntu security notices
-
https://www.exploit-db.com/exploits/38775/
Chkrootkit - Local Privilege Escalation (Metasploit) - Linux local Exploit
-
http://www.openwall.com/lists/oss-security/2014/06/04/9
oss-security - CVE-2014-0476 chkrootkit vulnerabilityExploit
Jump to