Vulnerability Details : CVE-2014-7817
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
Vulnerability category: Input validation
Products affected by CVE-2014-7817
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-7817
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-7817
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
CWE ids for CVE-2014-7817
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-7817
-
http://secunia.com/advisories/62100
Sign in
-
http://www.securityfocus.com/bid/71216
GNU glibc CVE-2014-7817 Arbitrary Command Execution Vulnerability
-
http://linux.oracle.com/errata/ELSA-2015-0092.html
linux.oracle.com | ELSA-2015-0092Vendor Advisory
-
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
CPU Oct 2018
-
https://security.gentoo.org/glsa/201602-02
GNU C Library: Multiple vulnerabilities (GLSA 201602-02) — Gentoo security
-
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
Oracle Critical Patch Update - January 2018
-
https://sourceware.org/bugzilla/show_bug.cgi?id=17625
17625 – (CVE-2014-7817) wordexp fails to honour WRDE_NOCMD (CVE-2014-7817)
-
http://www.ubuntu.com/usn/USN-2432-1
USN-2432-1: GNU C Library vulnerabilities | Ubuntu security notices
-
https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html
Carlos O'Donell - [COMMITTED] CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.Vendor Advisory
-
http://secunia.com/advisories/62146
Sign in
-
http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html
openSUSE-SU-2015:0351-1: moderate: Security update for glibcVendor Advisory
-
http://www.debian.org/security/2015/dsa-3142
Debian -- Security Information -- DSA-3142-1 eglibcVendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-2023.html
RHSA-2014:2023 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/98852
GNU C Library wordexp() command execution CVE-2014-7817 Vulnerability Report
-
http://seclists.org/oss-sec/2014/q4/730
oss-sec: CVE-2014-7817 glibc: command execution in wordexp() with WRDE_NOCMD specified
-
https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c
sourceware.org Git
-
http://linux.oracle.com/errata/ELSA-2015-0016.html
linux.oracle.com | ELSA-2015-0016
Jump to