Lucene search
MitreCVE-2016-20015HistorySep 20, 2022 - 6:15 p.m.
CVE-2016-20015
2022-09-2018:15:09
mitre
web.nvd.nist.gov
20
14
cve
2016
20015
ebuild package
smokeping
gentoo
root privileges
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.5%
In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileges. There is a race condition involving /var/lib/smokeping and chown.
Affected configurations
Node
smokepingsmokepingRange≤2.7.3-r1
References
Social References
More
Related
cvelist
cvelist
CVE-2016-20015
2022-09-20 17:01:47
alpinelinux
alpinelinux
CVE-2016-20015
2022-09-20 18:15:09
nvd
nvd
CVE-2016-20015
2022-09-20 18:15:09
ubuntucve
ubuntucve
CVE-2016-20015
2022-09-20 00:00:00
prion
prion
Race condition
2022-09-20 18:15:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.5%
Related for CVE-2016-20015