Incorrect permission assignment for critical resource in doas (Alpine package)



Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-25016
CWE-ID CWE-732
Exploitation vector Network
Public exploit N/A
Vulnerable software
 doas (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Incorrect permission assignment for critical resource

EUVDB-ID: #VU50299

Risk: High

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2019-25016

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to execute arbitrary code.

In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed to authenticated user to execute specific commands were not affected by this issue.

Mitigation

Install update from vendor's website.

Vulnerable software versions

doas (Alpine package): 6.0-r0 - 6.8.1-r0

CPE2.3 External links

https://git.alpinelinux.org/aports/commit/?id=5da52751c79e7e819e12094c84c3c57e45c1c662
https://git.alpinelinux.org/aports/commit/?id=3433f0dd4a3a3dc06b9a6cdd2313f040b0f048e2
https://git.alpinelinux.org/aports/commit/?id=bc622eb11fe50937e452680897c31a2e0b65f255
https://git.alpinelinux.org/aports/commit/?id=d59e09c177635f08f1c2b8de4ae88cbb3301aa8b
https://git.alpinelinux.org/aports/commit/?id=eb28892c1f366e79c508714aad77e03accc17705


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###