7.2 - VU#946652

Executive Summary

Summary
Title	pWhois Layer Four Traceroute 3.x vulnerability

Informations
Name	VU#946652	First vendor Publication	2011-04-04
Vendor	VU-CERT	Last vendor Modification	2011-04-04
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	7.2	Attack Range	Local
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#946652

pWhois Layer Four Traceroute 3.x vulnerability

Overview

Given a specific set of command line arguments, Layer Four Traceroute (lft) will produce a segmentation fault leading to a possible privilege escalation vulnerability.

I. Description

pWhois Layer Four Traceroute 3.x contains a vulnerability when parsing command line arguments. Earlier versions of Layer Four Traceroute may also be vulnerable. Some distributions that package Layer Four Traceroute are not vulnerable because they do not install the 'lft' binary SETUID root.

II. Impact

If Layer Four Traceroute is installed SETUID root, a local attacker may be able to exploit the vulnerability for privilege escalation.

III. Solution

Apply an Update

Upgrade to Layer Four Traceroute 3.3 or later.

Workaround

If upgrading to the latest version is not possible, do not install Layer Four Traceroute SETUID root. This will limit the application functionality for unprivileged users.

Vendor Information

Vendor	Status	Date Notified	Date Updated
Debian GNU/Linux	Unknown	2011-02-22	2011-02-22
FreeBSD Project	Unknown	2011-02-22	2011-02-22
Gentoo Linux	Unknown	2011-02-22	2011-02-22
pwhois_lft	Affected	2011-01-19	2011-04-04
Red Hat, Inc.	Not Affected	2011-02-22	2011-04-04
Slackware Linux Inc.	Not Affected	2011-02-22	2011-04-04
SUSE Linux	Not Affected	2011-02-22	2011-04-04
Ubuntu	Not Affected	2011-02-22	2011-04-04

References

http://pwhois.org/lft/

Credit

Thanks to Markus Gothe for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

Date Public:	2011-04-04
Date First Published:	2011-04-04
Date Last Updated:	2011-04-04
CERT Advisory:
CVE-ID(s):	CVE-2011-0765
NVD-ID(s):	CVE-2011-0765
US-CERT Technical Alerts:
Severity Metric:	0.00
Document Revision:	17

Original Source

Url : http://www.kb.cert.org/vuls/id/946652

CPE : Common Platform Enumeration

Type	Description	Count
Application	Pwhois Layer Four Traceroute cpe:2.3:a:pwhois:layer_four_traceroute:3.2:::::::* cpe:2.3:a:pwhois:layer_four_traceroute:3.1:::::::* cpe:2.3:a:pwhois:layer_four_traceroute:3.0:::::::*	3

OpenVAS Exploits

Date	Description
2011-04-13	Name : pWhois Layer Four Traceroute (LFT) Unspecified Vulnerability File : nvt/gb_pwhois_lft_unspecified_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
72537	Layer Four Traceroute (LFT) Crafted Command Line Unspecified Privilege Escala...

Nessus® Vulnerability Scanner

Date	Description
2014-12-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-10.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CPE ID(s)	3
osvdb(s)	1
Openvas Exploit(s)	1
Nessus® Exploit(s)	1

	Related
7.2	CVE-2011-0765
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)