Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 661712 (CVE-2018-10900)

Summary: <net-misc/networkmanager-vpnc-1.2.6: privilege escalation allows to execute arbitrary commands as root (CVE-2018-10900)
Product: Gentoo Security Reporter: Florian Schuhmacher <mynt1aa>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: gnome
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4
Whiteboard: B2 [glsa+ cve]
Package list:
net-misc/networkmanager-vpnc-1.2.6
 Runtime testing required: ---

Description Florian Schuhmacher 2018-07-21 03:05:34 UTC 
The Network Manager VPNC plugin is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.


Gentoo Security Scout
Florian Schuhmacher
Comment 1 Larry the Git Cow gentoo-dev 2018-07-24 23:50:20 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3cf88f8d4ae9db896054b12a03ff17e495adbdfd

commit 3cf88f8d4ae9db896054b12a03ff17e495adbdfd
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2018-07-24 23:48:52 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2018-07-24 23:49:32 +0000

    net-misc/networkmanager-vpnc: security bump to 1.2.6
    
    Bug: https://bugs.gentoo.org/661712
    Package-Manager: Portage-2.3.43, Repoman-2.3.10

 net-misc/networkmanager-vpnc/Manifest              |  1 +
 .../networkmanager-vpnc-1.2.6.ebuild               | 49 ++++++++++++++++++++++
 2 files changed, 50 insertions(+)
Comment 2 Agostino Sarubbo gentoo-dev 2018-07-25 08:25:24 UTC 
amd64 stable
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-07-28 13:45:41 UTC 
x86 stable
Comment 4 Michael Boyle 2018-07-30 00:26:40 UTC 
GLSA filled.
Acked-by: ChrisADR

Michael Boyle
Security Padawan.
Comment 5 Michael Boyle 2018-07-30 00:28:08 UTC 
GLSA filled.
Acked-by: ChrisADR

Michael Boyle
Security Padawan.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2018-08-22 21:28:59 UTC 
This issue was resolved and addressed in
 GLSA 201808-03 at https://security.gentoo.org/glsa/201808-03
by GLSA coordinator Thomas Deutschmann (whissi).