CVE-2018-10900

CVE-2018-10900

Name

CVE-2018-10900

Description

Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Exploit	https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc
Patch	https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4
Third Party Advisory	https://download.gnome.org/sources/NetworkManager-vpnc/1.2/NetworkManager-vpnc-1.2.6.news
Issue Tracking	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10900
Exploit	https://bugzilla.novell.com/show_bug.cgi?id=1101147
Third Party Advisory	https://www.debian.org/security/2018/dsa-4253
Third Party Advisory	https://lists.debian.org/debian-lts-announce/2018/07/msg00048.html
Exploit	https://www.exploit-db.com/exploits/45313/
Third Party Advisory	https://security.gentoo.org/glsa/201808-03

Type

URI

Exploit

https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc

Patch

https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4

Third Party Advisory

https://download.gnome.org/sources/NetworkManager-vpnc/1.2/NetworkManager-vpnc-1.2.6.news

Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10900

Exploit

https://bugzilla.novell.com/show_bug.cgi?id=1101147