Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 661712 (CVE-2018-10900) - <net-misc/networkmanager-vpnc-1.2.6: privilege escalation allows to execute arbitrary commands as root (CVE-2018-10900)
Summary: <net-misc/networkmanager-vpnc-1.2.6: privilege escalation allows to execute a...
Status: RESOLVED FIXED
Alias: CVE-2018-10900
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://gitlab.gnome.org/GNOME/Networ...
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-07-21 03:05 UTC by Florian Schuhmacher
Modified: 2018-08-22 21:28 UTC (History)
1 user (show)

See Also:
Package list:
net-misc/networkmanager-vpnc-1.2.6
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Schuhmacher 2018-07-21 03:05:34 UTC
The Network Manager VPNC plugin is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.


Gentoo Security Scout
Florian Schuhmacher
Comment 1 Larry the Git Cow gentoo-dev 2018-07-24 23:50:20 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3cf88f8d4ae9db896054b12a03ff17e495adbdfd

commit 3cf88f8d4ae9db896054b12a03ff17e495adbdfd
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2018-07-24 23:48:52 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2018-07-24 23:49:32 +0000

    net-misc/networkmanager-vpnc: security bump to 1.2.6
    
    Bug: https://bugs.gentoo.org/661712
    Package-Manager: Portage-2.3.43, Repoman-2.3.10

 net-misc/networkmanager-vpnc/Manifest              |  1 +
 .../networkmanager-vpnc-1.2.6.ebuild               | 49 ++++++++++++++++++++++
 2 files changed, 50 insertions(+)
Comment 2 Agostino Sarubbo gentoo-dev 2018-07-25 08:25:24 UTC
amd64 stable
Comment 3 Thomas Deutschmann gentoo-dev Security 2018-07-28 13:45:41 UTC
x86 stable
Comment 4 Michael Boyle 2018-07-30 00:26:40 UTC
GLSA filled.
Acked-by: ChrisADR

Michael Boyle
Security Padawan.
Comment 5 Michael Boyle 2018-07-30 00:28:08 UTC
GLSA filled.
Acked-by: ChrisADR

Michael Boyle
Security Padawan.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2018-08-22 21:28:59 UTC
This issue was resolved and addressed in
 GLSA 201808-03 at https://security.gentoo.org/glsa/201808-03
by GLSA coordinator Thomas Deutschmann (whissi).