CVE-2015-2851

client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.kb.cert.org/vuls/id/551972	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/BLUU-9VBU45	Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/74826

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:synology:cloud_station:1.1-2291:::::::*
	cpe:2.3:a:synology:cloud_station:2.0-2291:::::::*
	cpe:2.3:a:synology:cloud_station:2.0-2402:::::::*
	cpe:2.3:a:synology:cloud_station:2.1-2561:::::::*
	cpe:2.3:a:synology:cloud_station:2.1-2570:::::::*
	cpe:2.3:a:synology:cloud_station:2.1-2577:::::::*
	cpe:2.3:a:synology:cloud_station:3.0-3005:::::::*
	cpe:2.3:a:synology:cloud_station:3.0-3103:::::::*
	cpe:2.3:a:synology:cloud_station:3.0-3108:::::::*
	cpe:2.3:a:synology:cloud_station:3.0-3109:::::::*
	cpe:2.3:a:synology:cloud_station:3.0-3111:::::::*
	cpe:2.3:a:synology:cloud_station:3.1-3317:::::::*
	cpe:2.3:a:synology:cloud_station:3.1-3320:::::::*

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-05-30 19:59

Updated : 2024-02-28 15:21

NVD link : CVE-2015-2851

Mitre link : CVE-2015-2851

CVE.ORG link : CVE-2015-2851

JSON object : View

Products Affected

apple

mac_os_x

synology

cloud_station

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2015-2851", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-05-30T19:59:03.880", "references": [{"url": "http://www.kb.cert.org/vuls/id/551972", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/BLUU-9VBU45", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/74826", "source": "cret@cert.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename."}, {"lang": "es", "value": "client_chown en el cliente sync en Synology Cloud Station 1.1-2291 hasta 3.1-3320 en OS X permite a usuarios locales cambiar la titularidad de ficheros arbitrarios, y como consecuencias obtener el acceso root, mediante la especificaci\u00f3n de un nombre de fichero."}], "lastModified": "2016-12-03T03:07:01.733", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:synology:cloud_station:1.1-2291:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89282A91-62F9-4FAD-907E-59E7A7C41AC9"}, {"criteria": "cpe:2.3:a:synology:cloud_station:2.0-2291:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E94D6674-B445-47A6-8B89-3696B43DB5EB"}, {"criteria": "cpe:2.3:a:synology:cloud_station:2.0-2402:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4E69C0A-2D3F-48F6-B667-88E7C7058FD3"}, {"criteria": "cpe:2.3:a:synology:cloud_station:2.1-2561:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35EE80A5-5B4B-459B-A12E-F39BEE10C37F"}, {"criteria": "cpe:2.3:a:synology:cloud_station:2.1-2570:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD4E307D-9C66-465E-8568-B421852B169E"}, {"criteria": "cpe:2.3:a:synology:cloud_station:2.1-2577:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C540D06-6F76-4FA0-8D39-40A9747A360D"}, {"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B670697-975E-4931-9C3B-8ACEBC0E2843"}, {"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3103:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE880EA1-54F3-4A1B-96AD-DCF720A6F7E1"}, {"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3108:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10B5BDA7-0035-42FA-A835-9E98DE647BE1"}, {"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3109:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "311CDD0F-26F3-47BA-BF73-FC6CB2BE3E10"}, {"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3111:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E60BA19E-3CCD-4BE0-8500-D385A3592ECA"}, {"criteria": "cpe:2.3:a:synology:cloud_station:3.1-3317:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AA63857-7611-485D-AE43-D6F15B893CD2"}, {"criteria": "cpe:2.3:a:synology:cloud_station:3.1-3320:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "872EDE63-3B43-49E4-8234-7BCB674E3070"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cret@cert.org"}