FKIE_CVE-2017-14730

Vulnerability from fkie_nvd - Published: 2017-09-25 17:29 - Updated: 2025-04-20 01:37
Severity ?
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link.
References
cve@mitre.orghttps://bugs.gentoo.org/628558Third Party Advisory
cve@mitre.orghttps://github.com/gentoo/gentoo/pull/5665Third Party Advisory
cve@mitre.orghttps://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18f97c851c209f291b31ae7a902719f1c17c79faThird Party Advisory
cve@mitre.orghttps://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bbd6cb398c1740c68e9b1b78340c887c58c1fbdaThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugs.gentoo.org/628558Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/gentoo/gentoo/pull/5665Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18f97c851c209f291b31ae7a902719f1c17c79faThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bbd6cb398c1740c68e9b1b78340c887c58c1fbdaThird Party Advisory
Impacted products
Vendor Product Version
elasticsearch logstash 5.0.0
elasticsearch logstash 5.0.1
elasticsearch logstash 5.0.2
elasticsearch logstash 5.1.1
elasticsearch logstash 5.1.2
elasticsearch logstash 5.2.0
elasticsearch logstash 5.2.1
elasticsearch logstash 5.3.0
elasticsearch logstash 5.3.1
elasticsearch logstash 5.3.2
elasticsearch logstash 5.4.1
elasticsearch logstash 5.4.2
elasticsearch logstash 5.4.3
elasticsearch logstash 5.5.0
elasticsearch logstash 5.5.1
elasticsearch logstash 5.5.2
elasticsearch logstash 5.6.0
gentoo linux -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8102CDF3-E87D-47C5-AF0D-C80377F17BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACC605F4-F54D-4CCE-871B-9ED65690A649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE359E34-6382-4CA6-8007-44E30AA2A37D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FE9BC9A-9560-4102-BA7A-35483A5EC291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F805018-CE98-454F-AE85-4839245B8737",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FDBB24F-AB33-4601-B8F8-98A59B87A560",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "56110525-4479-4893-8173-4940FB9EAFEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF433D16-F557-4C1D-B153-C2C2B92EC89C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2764E7D4-6413-468B-BE09-A98AA62CADF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63588DEF-1628-4690-B7E0-F854D7C361D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F60E8A3-5BCE-4CD0-B0A8-866489ECC818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F26DDE0B-FD14-49EA-AEE7-EBDA8B36AB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF8C407A-9BEF-4291-A025-73B68D03AF2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8356D01-2F43-4003-8ACD-4CB4B76E48A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D238B6-8065-4392-A343-D0215D514A03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C455913E-FA72-4422-8B6B-83E5ECC1F5FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elasticsearch:logstash:5.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "617C493C-F643-4962-A0E3-7D6B5DC9FDE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92121D8A-529E-454A-BC8D-B6E0017E615D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has \"chown -R\" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link."
    },
    {
      "lang": "es",
      "value": "El script init en el paquete app-admin/logstash-bin de Gentoo en versiones anteriores a la 5.5.3 y las versiones 5.6.x anteriores a la 5.6.1 tiene llamadas \"chown -R\" para \u00e1rboles de directorio escribibles por los usuarios, lo que permite que los usuarios locales obtengan privilegios aprovechando el acceso a una cuenta $LS_USER para crear un v\u00ednculo f\u00edsico."
    }
  ],
  "id": "CVE-2017-14730",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-25T17:29:00.787",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://bugs.gentoo.org/628558"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/gentoo/gentoo/pull/5665"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18f97c851c209f291b31ae7a902719f1c17c79fa"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bbd6cb398c1740c68e9b1b78340c887c58c1fbda"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://bugs.gentoo.org/628558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/gentoo/gentoo/pull/5665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18f97c851c209f291b31ae7a902719f1c17c79fa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bbd6cb398c1740c68e9b1b78340c887c58c1fbda"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.