SB2016101013 - Arbitrary command execution in FreeBSD
Published: October 10, 2016 Updated: October 11, 2016
Security Bulletin ID
SB2016101013
CSH Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Arbitrary command execution (CVE-ID: N/A)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote unauthenticated user to execute arbitrary commands on the target system.
The weakness occurs in portsnap and exists due to insufficicient validation of downloaded tar files. By sending a specially crafted tar file attackers can cause arbitrary commands execution. A malicious user possessing elevated privileges is able to compromise the system completely.
Successful exploitation of the vulnerability leads to arbitrary command execution on the vulnerable system.
Remediation
Install update from vendor's website.