Vulnerability Details : CVE-2015-3245
Public exploit exists!
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2015-3245
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2015-3245
-
Libuser roothelper Privilege Escalation
Disclosure Date: 2015-07-24First seen: 2020-04-26exploit/linux/local/libuser_roothelper_priv_escThis module attempts to gain root privileges on Red Hat based Linux systems, including RHEL, Fedora and CentOS, by exploiting a newline injection vulnerability in libuser and userhelper versions prior to 0.56.13-8 and version 0.60 before 0.60-7. Th
CVSS scores for CVE-2015-3245
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2015-3245
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-3245
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162947.html
[SECURITY] Fedora 22 Update: libuser-0.62-1.fc22
-
http://rhn.redhat.com/errata/RHSA-2015-1482.html
RHSA-2015:1482 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/articles/1537873
libuser vulnerabilities (CVE-2015-3245 and CVE-2015-3246) - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/76021
libuser CVE-2015-3245 Local Denial of Service Vulnerability
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163044.html
[SECURITY] Fedora 21 Update: libuser-0.62-1.fc21
-
https://www.exploit-db.com/exploits/44633/
Libuser - 'roothelper' Local Privilege Escalation (Metasploit)
-
http://rhn.redhat.com/errata/RHSA-2015-1483.html
RHSA-2015:1483 - Security Advisory - Red Hat Customer Portal
-
http://www.securitytracker.com/id/1033040
Libuser Bugs Let Local Users Deny Service and Gain Elevated Privileges - SecurityTracker
-
https://www.qualys.com/2015/07/23/cve-2015-3245-cve-2015-3246/cve-2015-3245-cve-2015-3246.txt
Exploit
Products affected by CVE-2015-3245
- cpe:2.3:a:redhat:libuser:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libuser:0.60-3:*:*:*:*:*:*:*