CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
7.4 | $0-$5k | 0.00 |
A vulnerability, which was classified as critical, has been found in Freshmeat XWine 1.0.1. Affected by this issue is an unknown code block of the file w_export.c. The manipulation with an unknown input leads to a access control vulnerability. Using CWE to declare the problem leads to CWE-264. Impacted is integrity, and availability. CVE summarizes:
w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file.
The bug was discovered 02/26/2008. The weakness was disclosed 03/03/2008 by Steve Kemp with Debian (Website). The advisory is shared for download at secunia.com. This vulnerability is handled as CVE-2008-0931 since 02/25/2008. The attack needs to be approached locally. No form of authentication is required for exploitation. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1068.
The vulnerability was handled as a non-public zero-day exploit for at least 6 days. During that time the estimated underground price was around $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 31632 (Debian DSA-1526-1 : xwine - several vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Debian Local Security Checks and running in the context l.
Upgrading eliminates this vulnerability. A possible mitigation has been published 3 weeks after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (40941) and Tenable (31632). The entry 41311 is pretty similar.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.7VulDB Meta Temp Score: 7.4
VulDB Base Score: 7.7
VulDB Temp Score: 7.4
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Access controlCWE: CWE-264
CAPEC: 🔍
ATT&CK: 🔍
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Nessus ID: 31632
Nessus Name: Debian DSA-1526-1 : xwine - several vulnerabilities
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Timeline
02/25/2008 🔍02/26/2008 🔍
02/29/2008 🔍
03/03/2008 🔍
03/03/2008 🔍
03/03/2008 🔍
03/20/2008 🔍
03/20/2008 🔍
03/21/2008 🔍
03/25/2008 🔍
03/16/2015 🔍
08/07/2019 🔍
Sources
Advisory: secunia.com⛔Researcher: Steve Kemp
Organization: Debian
Status: Not defined
Confirmation: 🔍
CVE: CVE-2008-0931 (🔍)
OVAL: 🔍
X-Force: 40941
Vulnerability Center: 18008 - Darken33 XWine W_export.c Vulnerability Allows Local Users to Execute Arbitrary Code and Cause DoS, Medium
SecurityFocus: 28369 - XWine WINE Configuration File Local Arbitrary Command Execution Vulnerability
Secunia: 29125 - XWine Insecure Temporary File Handling and Configuration File Permissions, Less Critical
OSVDB: 43046 - XWine - WINE Configuration File Local Arbitrary Command Execution Issue
See also: 🔍
Entry
Created: 03/16/2015 13:43Updated: 08/07/2019 17:25
Changes: 03/16/2015 13:43 (76), 08/07/2019 17:25 (5)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.