Vulnerability Details : CVE-2017-7358
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
Vulnerability category: Directory traversal
Products affected by CVE-2017-7358
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
- cpe:2.3:a:lightdm_project:lightdm:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-7358
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-7358
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST | |
7.3
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
1.3
|
5.9
|
NIST |
CWE ids for CVE-2017-7358
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-7358
-
https://www.exploit-db.com/exploits/41923/
LightDM (Ubuntu 16.04/16.10) - 'Guest Account' Local Privilege Escalation
-
https://www.ubuntu.com/usn/usn-3255-1/
USN-3255-1: LightDM vulnerability | Ubuntu security noticesThird Party Advisory
-
https://launchpad.net/bugs/1677924
Bug #1677924 “Local privilege escalation via guest user login” : Bugs : lightdm package : UbuntuThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/97486
LightDM CVE-2017-7358 Local Directory Traversal VulnerabilityThird Party Advisory;VDB Entry
-
https://lists.freedesktop.org/archives/lightdm/2017-April/001059.html
[LightDM] Using debian/guest-account.sh allows local privilege escalationThird Party Advisory;VDB Entry
-
http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/2478
~lightdm-team/lightdm/trunk : revision 2478VDB Entry;Third Party Advisory
Jump to