#VU33554 Improper Privilege Management - CVE-2017-5618

Cybersecurity Help s.r.o.

Published: 2017-03-20 | Updated: 2020-08-04

Vulnerability identifier: #VU33554

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-5618

CWE-ID: CWE-269

Exploitation vector: Local

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.

Mitigation
Install update from vendor's website.

External links
https://git.savannah.gnu.org/cgit/screen.git/patch/?id=1c6d2817926d30c9a7a97d99af7ac5de4a5845b8
https://git.savannah.gnu.org/cgit/screen.git/tree/src/ChangeLog?h=v.4.5.1
https://savannah.gnu.org/bugs/?50142
https://www.openwall.com/lists/oss-security/2017/01/29/3
https://www.securityfocus.com/bid/95873
https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Improper Privilege Management in screen (Alpine package)