PT-2018-10170 · Networkmanager · Network Manager Vpnc Plugin

Denis Andzakovic

·

Published

2018-07-23

·

Updated

2020-12-04

·

CVE-2018-10900

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Network Manager VPNC plugin versions prior to 1.2.6

Description

The issue allows for a privilege escalation attack. An attacker can inject a Password helper parameter into the configuration data passed to VPNC by using a new line character, enabling the execution of arbitrary commands as root.

Recommendations

For versions prior to 1.2.6, update to version 1.2.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the VPNC plugin to minimize the risk of exploitation.
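
The input check this class of bug calls for, as an added example that is not the plugin's own code or its actual patch: a writer for a line-oriented `key value` configuration that rejects any field containing CR or LF, so a user-supplied value cannot start a second option line. The function names, buffer layout and sample values are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Append "key value\n" to a NUL-terminated buffer holding a line-oriented
 * config. Returns 0 on success, -1 if the option is rejected. */
int emit_option(char *buf, size_t cap, const char *key, const char *value)
{
    if (!buf || !key || !value || key[0] == '\0')
        return -1;
    /* The format has no escaping, so CR or LF inside a field would end the
     * current line and start a new option chosen by whoever set the value. */
    if (strpbrk(key, "\r\n") || strpbrk(value, "\r\n"))
        return -1;
    const char *end = memchr(buf, '\0', cap);
    if (!end)
        return -1;                 /* buffer is not terminated within cap */
    size_t used = (size_t)(end - buf);
    int n = snprintf(buf + used, cap - used, "%s %s\n", key, value);
    if (n < 0 || (size_t)n >= cap - used) {
        buf[used] = '\0';          /* undo a truncated write: fail closed */
        return -1;
    }
    return 0;
}

/* Number of lines in the emitted config; should equal accepted options. */
size_t count_lines(const char *buf)
{
    size_t n = 0;
    for (; *buf; buf++)
        if (*buf == '\n')
            n++;
    return n;
}

int main(void)
{
    char cfg[256] = "";
    /* Constructed sample values; the second carries an embedded newline. */
    const char *user = "alice\nPassword helper /constructed/placeholder";
    int ok  = emit_option(cfg, sizeof cfg, "IPSec gateway", "gw.example.test");
    int bad = emit_option(cfg, sizeof cfg, "Xauth username", user);
    printf("accepted=%d rejected=%d lines=%zu\n",
           ok == 0, bad == -1, count_lines(cfg));
    return 0;
}
```

A caller that generates configuration for a privileged helper should treat a `-1` as fatal for the whole connection attempt rather than skipping the offending option.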

Exploit

Fix

OS Command Injection


Weakness Enumeration

Related Identifiers

ALT-PU-2018-2074
CVE-2018-10900
DLA-1454-1
DSA-4253-1
OPENSUSE-SU-2018_2307-1
OPENSUSE-SU-2024:10604-1
SUSE-SU-2018:2297-1
SUSE-SU-2018_2297-1

Affected Products

Alt Linux
Network Manager Vpnc Plugin
Suse