Main Vulnerability Database SB2019060419

SB2019060419 - Multiple vulnerabilities in Yubico pam-u2f

Published: June 4, 2019 Updated: August 8, 2020

Security Bulletin ID SB2019060419

Severity

High

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2019-12209)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM configuration, part of the file contents of a symlink target will be logged, possibly revealing sensitive information.

2) Information disclosure (CVE-ID: CVE-2019-12210)

The vulnerability allows a remote authenticated user to read and manipulate data.

In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it. This can leak sensitive information and also, if written to, be used to fill the disk or plant misinformation.

Remediation

Install update from vendor's website.

SB2019060419 - Multiple vulnerabilities in Yubico pam-u2f

Breakdown by Severity

Description

Remediation

References