[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

123775

 
 

909

 
 

102573

 
 

150

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-1000156Date: (C)2018-04-11   (M)2019-06-07


GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.8CVSS Score : 6.8
Exploit Score: 1.8Exploit Score: 8.6
Impact Score: 5.9Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: REQUIREDConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: PARTIAL
Integrity: HIGH 
Availability: HIGH 
  
Reference:
RHSA-2018:1199
RHSA-2018:1200
RHSA-2018:2091
RHSA-2018:2092
RHSA-2018:2093
RHSA-2018:2094
RHSA-2018:2095
RHSA-2018:2096
RHSA-2018:2097
USN-3624-1
USN-3624-2
https://lists.debian.org/debian-lts-announce/2018/04/msg00013.html
http://rachelbythebay.com/w/2018/04/05/bangpatch/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667#19
https://savannah.gnu.org/bugs/index.php?53566
https://twitter.com/kurtseifried/status/982028968877436928

CPE    9
cpe:/o:redhat:enterprise_linux_server:6.0
cpe:/o:redhat:enterprise_linux_workstation:6.0
cpe:/o:redhat:enterprise_linux_desktop:6.0
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
...
CWE    1
CWE-20
OVAL    15
oval:org.secpod.oval:def:1600885
oval:org.secpod.oval:def:1700037
oval:org.secpod.oval:def:1502184
oval:org.secpod.oval:def:1502185
...

© SecPod Technologies