Main Vulnerability Database SB2020010618

SB2020010618 - Improper Privilege Management in rConfig

Published: January 6, 2020 Updated: August 8, 2020

Security Bulletin ID SB2020010618

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Privilege Management (CVE-ID: CVE-2019-19585)

The vulnerability allows a local authenticated user to execute arbitrary code.

An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local security restrictions.

Remediation

Install update from vendor's website.

References

http://packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.html
https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_lpe.sh
https://raw.githubusercontent.com/v1k1ngfr/exploits/master/rconfig_lpe.sh?token=