A vulnerability classified as critical was found in Expect up to 8.3.2 on Mandrake Linux. Affected by this vulnerability is an unknown functionality of the file /home/snailtalk. The manipulation with an unknown input leads to a privileges management vulnerability. The CWE definition for the vulnerability is CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.

The weakness was released 11/30/2001 (Website). The advisory is shared at linux-mandrake.com. This vulnerability is known as CVE-2001-0912. The exploitation appears to be easy. An attack has to be approached locally. The exploitation doesn't need any form of authentication. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1068 for this issue.

The vulnerability scanner Nessus provides a plugin with the ID 13900 (Mandrake Linux Security Advisory : expect (MDKSA-2001:087)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Mandriva Local Security Checks and running in the context l.

Upgrading to version 8.3.3 eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

The vulnerability is also documented in the databases at X-Force (7604) and Tenable (13900).

Productinfo

Name

• Expect

Version

• 8.3.0
• 8.3.1
• 8.3.2

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion