Vulnerability Details : CVE-2020-24332
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2020-24332
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 22 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2020-24332
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2020-24332
-
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-24332
-
http://www.openwall.com/lists/oss-security/2020/08/14/1
oss-security - Re: [TrouSerS-tech] Multiple Security Issues in the TrouSerS tpm1.2 tscd DaemonExploit;Mailing List;Third Party Advisory
-
https://bugzilla.suse.com/show_bug.cgi?id=1164472
Bug 1164472 – VUL-0: trousers: TrouSerS tcsd privilege escalation tss to root userExploit;Issue Tracking;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SSDL7COIFCZQMUBNAASNMKMX7W5JUHRD/
[SECURITY] Fedora 33 Update: trousers-0.3.14-4.fc33 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://seclists.org/oss-sec/2020/q2/att-135/tcsd_fixes.patch
Mailing List;Patch;Third Party Advisory
-
https://sourceforge.net/p/trousers/mailman/message/37015817/
TrouSerS / [TrouSerS-tech] Multiple Security Issues in the TrouSerS tpm1.2 tscd DaemonExploit;Mailing List;Mitigation;Third Party Advisory
Products affected by CVE-2020-24332
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:a:trustedcomputinggroup:trousers:*:*:*:*:*:*:*:*