Main Vulnerability Database SB2024031102

SB2024031102 - Spoofing attack in NetBSD utmp_update

Published: March 11, 2024

Security Bulletin ID SB2024031102

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Spoofing attack (CVE-ID: N/A)

The vulnerability allows a local user to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data within the utmp_update(8) command when handling hostnames. A local user can inject specially crafted data into the utmpx(5) database and spoof content of log files or display arbitrary output for tools, which display hostnames from utmpx(5) databases such us w(1) or who(1).

Remediation

Install update from vendor's website.

References

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-001.txt.asc