The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by bearerbox.
References
Link | Resource |
---|---|
https://redmine.kannel.org/issues/771 | Exploit Vendor Advisory |
Configurations
Information
Published : 2017-09-20 11:29
Updated : 2019-10-02 17:03
NVD link : CVE-2017-14609
Mitre link : CVE-2017-14609
JSON object : View
CWE
CWE-665
Improper Initialization
Products Affected
kannel
- kannel