#VU44065 Input validation error in ConnMan - CVE-2012-2321

Cybersecurity Help s.r.o.

Published: 2012-05-19 | Updated: 2020-08-11

Vulnerability identifier: #VU44065

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2012-2321

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ConnMan
Universal components / Libraries / Libraries used by multiple products

Vendor: kernel.org

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply.

Mitigation
Install update from vendor's website.

Vulnerable software versions

ConnMan: 0.1 - 0.83

External links
https://git.kernel.org/?p=network/connman/connman.git;a=commit;h=26ace5c59f790bce0f1988b88874c6f2c480fd5a
https://git.kernel.org/?p=network/connman/connman.git;a=commit;h=a5f540db7354b76bcabd0a05d8eb8ba2bff4e911
https://secunia.com/advisories/49033
https://secunia.com/advisories/49186
https://security.gentoo.org/glsa/glsa-201205-02.xml
https://www.openwall.com/lists/oss-security/2012/05/07/10
https://www.openwall.com/lists/oss-security/2012/05/07/2
https://www.openwall.com/lists/oss-security/2012/05/07/6
https://www.osvdb.org/81705
https://www.securityfocus.com/bid/53408
https://bugzilla.novell.com/show_bug.cgi?id=715172
https://exchange.xforce.ibmcloud.com/vulnerabilities/75466

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in aldebaran connman

Gentoo update for ConnMan