Fedora 27 update for pcs
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-1086 CVE-2018-1079 |
| CWE-ID | CWE-200 CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Fedora Operating systems & Components / Operating system pcs Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU11772
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1086
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists in the REST interface due to debug parameter removal bypass. A remote attacker can gain access to potentially sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 27
pcs: before 0.9.164-1.fc27
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2018-57bbe74c6c
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Privilege escalation
EUVDB-ID: #VU11820
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1079
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The weakness exists in the REST interface of the pcsd service due improper sanitization of the file name from the /remote/put_file query. A remote attacker can create or overwrite arbitrary files with arbitrary data outside of the /etc/booth directory, in the context of the pcsd process and gain root privileges.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 27
pcs: before 0.9.164-1.fc27
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2018-57bbe74c6c
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
