CVE Vulnerability
CVE-2018-1000857
log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/(remote) environment variable manipulation similar shell-shock also possible.
References
| Link | Resource |
|---|---|
| https://www.halfdog.net/Security/2018/LogUserSessionLocalRootPrivilegeEscalation/ | Exploit Third Party Advisory |
Configurations
Configuration 1
|
Information
Published : 2018-12-20 05:29
Updated : 2020-06-24 04:58
NVD link : CVE-2018-1000857
Mitre link : CVE-2018-1000857
Products Affected
No products.
CWE