Vulnerability Details : CVE-2014-2886
GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during installation of a VirtualBox extension pack.
Exploit prediction scoring system (EPSS) score for CVE-2014-2886
Probability of exploitation activity in the next 30 days: 0.67%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 77 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-2886
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2014-2886
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-2886
-
https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu
GKsu and VirtualBox Root Command Execution by Filename (CVE-2014-2943)Exploit
-
https://launchpad.net/bugs/1186676
Bug #1186676 “gksu handles quoted strings wrongly” : Bugs : gksu package : Ubuntu
-
https://security.gentoo.org/glsa/201812-10
GKSu: Arbitrary command execution (GLSA 201812-10) — Gentoo security
-
http://savannah.nongnu.org/bugs/?40023
GKSu - Bugs: bug #40023, command is not escaped when... [Savannah]
Products affected by CVE-2014-2886
- cpe:2.3:a:nongnu:gksu:2.0.2:*:*:*:*:*:*:*