Описание
An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
Ссылки
- ExploitThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitVendor Advisory
- ExploitThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.0-20181023124437 (исключая)
cpe:2.3:a:keybase:keybase:*:*:*:*:*:linux:*:*
EPSS
Процентиль: 45%
0.00222
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-426
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
EPSS
Процентиль: 45%
0.00222
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-426