host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html | Exploit |
http://www.exploit-db.com/exploits/35234 | Exploit |
https://github.com/ossec/ossec-hids/releases/tag/2.8.1 | Patch Vendor Advisory |
http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html | Exploit |
http://www.exploit-db.com/exploits/35234 | Exploit |
https://github.com/ossec/ossec-hids/releases/tag/2.8.1 | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 02:11
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html - Exploit | |
References | () http://www.exploit-db.com/exploits/35234 - Exploit | |
References | () https://github.com/ossec/ossec-hids/releases/tag/2.8.1 - Patch, Vendor Advisory |
Information
Published : 2014-12-02 01:59
Updated : 2024-11-21 02:11
NVD link : CVE-2014-5284
Mitre link : CVE-2014-5284
CVE.ORG link : CVE-2014-5284
JSON object : View
Products Affected
ossec
- ossec
CWE
CWE-264
Permissions, Privileges, and Access Controls