PT-2020-10411 · Gentoo+1 · Gentoo Portage+1

Michael Orlitzky

Published

2020-01-20

Updated

2021-07-21

CVE-2019-20384

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Gentoo Portage versions 2.3.84 and earlier

Description The issue allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account. This is possible because the directory is writable between a call to emake and a call to fowners.

Recommendations For Gentoo Portage versions 2.3.84 and earlier, consider restricting write access to the /usr/lib64/nagios/plugins directory to prevent unauthorized placement of plugins. As a temporary workaround, monitor the directory for any suspicious activity and restrict access to the nagios user account until a fix is available.

Exploit

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2019-20384

Affected Products

Gentoo Portage

Nagios

PT-2020-10411 · Gentoo+1 · Gentoo Portage+1

CVE-2019-20384

Weakness Enumeration

Related Identifiers

Affected Products

References · 5