CVE-2017-20148 - In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achie

CVE-2017-20148

Summary

In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls.

References

https://bugs.gentoo.org/630752
https://security.gentoo.org/glsa/202209-10

Vulnerable Configurations

cpe:2.3:a:debian:logcheck:*:*:*:*:*:*:*:*
cpe:2.3:a:debian:logcheck:*:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

25-09-2022 - 16:15

Published

20-09-2022 - 18:15

Last modified

25-09-2022 - 16:15