PT-2021-9084 · Opendoas · Opendoas

Published

2021-01-28

Updated

2022-04-26

CVE-2019-25016

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenDoas versions 6.6 through 6.8

Description The issue arises from an incorrect inheritance of the user's PATH variable by authenticated executions in OpenDoas, specifically when the authenticating rule allows the user to execute any command. This does not affect rules that only permit the authenticated user to execute specific commands. There is an unsafe incomplete reset of the PATH variable when changing the user context.

Recommendations For OpenDoas versions 6.6 through 6.8, consider restricting the authenticating rules to only allow execution of specific commands until a fix is available. As a temporary workaround, review and adjust the PATH variable settings to minimize potential risks.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-909CWE-459

Related Identifiers

CVE-2019-25016

Affected Products

Opendoas

PT-2021-9084 · Opendoas · Opendoas

CVE-2019-25016

Weakness Enumeration

Related Identifiers

Affected Products

References · 11