CVE-2004-2133

Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0025.html	Exploit Vendor Advisory
http://www.securityfocus.com/bid/9523	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=107539776002450&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/14994

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cvsup:cvsup:cvsup-16.1h-2.i386.rpm:::::::*
	cpe:2.3:a:cvsup:cvsup:cvsup-16.1h-36.i586.rpm:::::::*
	cpe:2.3:a:cvsup:cvsup:cvsup-16.1h-43.i586.rpm:::::::*

Information

Published : 2004-01-28 21:00

Updated : 2017-07-10 18:31

NVD link : CVE-2004-2133

Mitre link : CVE-2004-2133

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

cvsup

cvsup

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0025.html", "name": "20040129 Security Announcement: untrusted ELF library path in some cvsup binary RPMs", "tags": ["Exploit", "Vendor Advisory"], "refsource": "VULNWATCH"}, {"url": "http://www.securityfocus.com/bid/9523", "name": "9523", "tags": ["Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://marc.info/?l=bugtraq&m=107539776002450&w=2", "name": "20040129 Security Announcement: untrusted ELF library path in some cvsup binary RPMs", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14994", "name": "cvsup-rpath-gain-privileges(14994)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-2133", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-01-29T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cvsup:cvsup:cvsup-16.1h-2.i386.rpm:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cvsup:cvsup:cvsup-16.1h-36.i586.rpm:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cvsup:cvsup:cvsup-16.1h-43.i586.rpm:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:31Z"}