QwikSec

Security Database

CVE

CWE

Training

CVE-2018-10900

Published: Jul 26, 2018

Modified: Aug 5, 2024

PUBLISHED

CVSS v3.0

8.8

HIGH

Description

Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.

Vendor	Product	Versions
[UNKNOWN]	networkmanager-vpnc	affected `NetworkManager-vpnc 1.2.6`

Weaknesses (CWE)

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

References

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_GENTOO

[debian-lts-announce] 20180731 [SECURITY] [DLA 1454-1] network-manager-vpnc security update

mailing-list

x_refsource_MLIST

exploit

x_refsource_EXPLOIT-DB

https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc

x_refsource_MISC

https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=1101147

x_refsource_CONFIRM

https://download.gnome.org/sources/NetworkManager-vpnc/1.2/NetworkManager-vpnc-1.2.6.news

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10900

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.