SB2018041039 - Red Hat update for pcs
Published: April 10, 2018 Updated: April 13, 2018
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Privilege escalation (CVE-ID: CVE-2018-1079)
The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system. The weakness exists in the REST interface of the pcsd service due to improper sanitization of the file name from the /remote/put_file query. A remote attacker can create or overwrite arbitrary files with arbitrary data outside of the /etc/booth directory, in the context of the pcsd process, and gain root privileges.
2) Information disclosure (CVE-ID: CVE-2018-1086)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists in the REST interface due to a bypass of the debug parameter removal. A remote attacker can gain access to potentially sensitive information.
3) Information disclosure (CVE-ID: CVE-2018-1000119)
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information on the target system. The weakness exists due to insufficient security restrictions. A remote attacker can conduct a timing attack and gain access to potentially sensitive information, such as signatures.
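For the file-name handling described under CVE-2018-1079, the following added example (not pcs code and not the vendor's fix) contrasts a join that trusts the supplied name with a check that keeps the result inside /etc/booth. The helper names and sample inputs are constructed for illustration; Ruby is used because pcsd is a Ruby service.

```ruby
require 'pathname'

# Directory the bulletin names as the intended destination.
BOOTH_DIR = '/etc/booth'

# "Before" shape (hypothetical): the client-supplied name is joined as-is,
# so "../" segments decide where the resolved path ends up.
def naive_booth_path(name)
  File.expand_path(File.join(BOOTH_DIR, name))
end

# Hardened shape (hypothetical helper): allow-list a single plain file name,
# then confirm the normalized path is a direct child of the base directory.
# The check is lexical; symlinks already present in the directory are not
# resolved here and need separate handling when the file is opened.
def safe_booth_path(name, base = BOOTH_DIR)
  raise ArgumentError, 'file name must be a string' unless name.is_a?(String)
  # Rejects empty names, ".", "..", separators, NUL and trailing newlines.
  unless name.match?(/\A[A-Za-z0-9][A-Za-z0-9._-]*\z/)
    raise ArgumentError, 'file name contains characters outside the allow-list'
  end
  base_path = Pathname.new(base).cleanpath
  target = (base_path + name).cleanpath
  raise ArgumentError, 'path escapes base directory' unless target.dirname == base_path
  target.to_s
end

# Runs the hardened check over a list of names and reports each outcome.
def classify(names)
  names.map do |n|
    begin
      [n, :accepted, safe_booth_path(n)]
    rescue ArgumentError => e
      [n, :rejected, e.message]
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs, not taken from the bulletin.
  samples = ['booth.conf', '../other-dir/file.conf', 'sub/booth.conf', '..', '']
  classify(samples).each { |row| puts row.inspect }
  puts naive_booth_path('../other-dir/file.conf')
end
```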
Remediation
Install the update from the vendor's website.