CERTA-2002-AVI-016
Vulnerability from certfr_avis - Published: 2002-01-28 - Updated: 2002-01-28 (initial version)
A malicious local user can obtain root privileges by using the ptrace function.
Description
ptrace is a debugging facility that lets a process control the execution of a child (traced) process and read or modify its memory image. Its use on processes that have the SUID or SGID flag set is restricted: a tracer that can alter the code or data of a privileged process would otherwise inherit that process's privileges.
A flaw in these checks in the BSD kernels lets a malicious local user obtain root privileges.
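To make the two capabilities named above concrete, here is an added example (not code from the CERTA advisory or from any of the BSD projects): a minimal tracer that forks a child, stops it, reads one word of its memory, overwrites it, and resumes it. It assumes Linux ptrace(2) request names (PTRACE_TRACEME, PTRACE_PEEKDATA, PTRACE_POKEDATA, PTRACE_CONT); the BSD interface uses PT_TRACE_ME, PT_READ_D, PT_WRITE_D and PT_CONTINUE for the same operations. The child is an ordinary fork of the tracer, so the tracer is always allowed to attach; a set-uid target would be refused to an unprivileged tracer by exactly the checks the advisory says were flawed.

```c
/* Added example, not part of the advisory: control a child process and edit
 * its memory image with ptrace.  Assumes Linux ptrace(2) semantics.
 * Build: cc -Wall -o ptrace_demo ptrace_demo.c */
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* fork() copies this into the child; without an exec the address is the same
 * in both processes, so the parent can name it directly for PEEK/POKE. */
static volatile long secret = 7;

/* Forks a child that consents to tracing, stops itself, and after being
 * resumed exits with the low byte of `secret`.  The parent stores the value
 * it read from the child into *peeked, replaces it with `new_value`, resumes
 * the child and returns the child's exit status, or -1 on any failure. */
int ptrace_demo(long new_value, long *peeked)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;

    if (pid == 0) {
        /* Child: ask to be traced by the parent, then stop so the parent
         * can inspect and modify us before `secret` is read. */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
            _exit(127);
        raise(SIGSTOP);
        _exit((int)(secret & 0xff));
    }

    /* Parent: wait until the child is in the SIGSTOP-induced stop. */
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFSTOPPED(status))
        return -1;

    /* Read one word of the child's memory at &secret.  PEEKDATA returns the
     * word itself, so -1 is only an error if errno was set. */
    errno = 0;
    long val = ptrace(PTRACE_PEEKDATA, pid, (void *)&secret, NULL);
    if (val == -1 && errno != 0)
        return -1;
    if (peeked)
        *peeked = val;

    /* Edit the child's memory image: plant our own value in `secret`. */
    if (ptrace(PTRACE_POKEDATA, pid, (void *)&secret, (void *)new_value) == -1)
        return -1;

    /* Resume the child with signal 0, i.e. swallow the SIGSTOP.  It now
     * exits with the value we planted rather than the one it started with. */
    if (ptrace(PTRACE_CONT, pid, NULL, NULL) == -1)
        return -1;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    long before = 0;
    int rc = ptrace_demo(42, &before);
    printf("child's secret was %ld; after the poke it exited with %d\n",
           before, rc);
    return rc == 42 ? 0 : 1;
}
```

Run as an unprivileged user; the parent prints that it read 7 and that the child exited with 42. The same PEEK/POKE pair is all a debugger needs to redirect a privileged process, which is why a kernel must refuse attachment to SUID/SGID targets (and keep refusing it across exec, the window such bugs tend to live in) unless the tracer is root.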
Solution
Apply the vendors' patches (see the References below).
Impacted products
- NetBSD 1.4.x, versions 1.4.3 and earlier
- NetBSD 1.5.x, versions 1.5.2 and earlier
- OpenBSD 3.0
- FreeBSD 4.4 and earlier
Risk
- Privilege escalation
References
- OpenBSD security advisory: http://www.openbsd.org/security.html
- NetBSD security advisory SA-2002-001: http://www.netbsd.org/Security/
- FreeBSD security advisory SA-02-08: http://www.freebsd.org/security/index.html
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NetBSD 1.4.x versions 1.4.3 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "NetBSD",
"scada": false
}
}
},
{
"description": "OpenBSD version 3.0 ;",
"product": {
"name": "OpenBSD",
"vendor": {
"name": "OpenBSD",
"scada": false
}
}
},
{
"description": "FreeBSD versions 4.4 et ant\u00e9rieures.",
"product": {
"name": "N/A",
"vendor": {
"name": "FreeBSD",
"scada": false
}
}
},
{
"description": "NetBSD 1.5.x versions 1.5.2 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "NetBSD",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nLa commande ptrace est une fonction de d\u00e9buggage qui permet de contr\u00f4ler\nl\u0027ex\u00e9cution d\u0027un processus fils, et d\u0027\u00e9diter son image m\u00e9moire. Il y a\ndes restrictions sur son utilisation avec des processus ayant le drapeau\nSUID ou SGID activ\u00e9.\n\nUne vuln\u00e9rabilit\u00e9 de ces contr\u00f4les dans les noyaux BSD permet \u00e0 un\nutilisateur mal intentionn\u00e9 d\u0027obtenir les droits de l\u0027utilisateur root.\n\n## Solution\n\nAppliquer les correctifs des \u00e9diteurs (cf. Documentation).\n",
"cves": [],
"links": [
{
"title": "Avis de s\u00e9curit\u00e9 OpenBSD :",
"url": "http://www.openbsd.org/security.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 NetBSD SA-2002-001 :",
"url": "http://www.netbsd.org/Security/"
},
{
"title": "Avis de s\u00e9curit\u00e9 FreeBSD SA-02-08 :",
"url": "http://www.freebsd.org/security/index.html"
}
],
"reference": "CERTA-2002-AVI-016",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2002-01-28T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Un utilisateur mal intentionn\u00e9 peut, en local, obtenir les droits de\nl\u0027utilisateur \u003cspan class=\"textit\"\u003eroot\u003c/span\u003e en utilisant la fonction\n\u003cspan class=\"textit\"\u003eptrace\u003c/span\u003e.\n",
"title": "Vuln\u00e9rabilit\u00e9 de ptrace dans les syst\u00e8mes BSD",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 NetBSD 2002-001",
"url": null
}
]
}