Main Vulnerability Database Exploits ID:3708 - Exploit for Improper Privilege Management in Debian Linux - CVE-2017-0358

ID:3708 - Exploit for Improper Privilege Management in Debian Linux - CVE-2017-0358

Published: August 4, 2020

Vulnerability identifier: #VU33561

Vulnerability risk: Low

CVE-ID: CVE-2017-0358

CWE-ID: CWE-269

Exploitation vector: Local access

Vulnerable software:
Debian Linux

Link to public exploit:

https://www.exploit-db.com/exploits/41356/

Vulnerability description

The vulnerability allows a local authenticated user to execute arbitrary code.

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.

Remediation

Install update from vendor's website.

ID:3708 - Exploit for Improper Privilege Management in Debian Linux - CVE-2017-0358

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human