CVE Vulnerabilities

CVE-2015-1378

Published: Aug 07, 2017 | Modified: Aug 16, 2017
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users.

Affected Software

Name Vendor Start Version End Version
Grml-debootstrap Grml 0.54 (including) 0.54 (including)
Grml-debootstrap Grml 0.68 (including) 0.68 (including)
Grml-debootstrap Grml 0.70 (including) 0.70 (including)
Grml-debootstrap Grml 0.71 (including) 0.71 (including)
Grml-debootstrap Grml 0.72 (including) 0.72 (including)
Grml-debootstrap Grml 0.73 (including) 0.73 (including)
Grml-debootstrap Grml 0.74 (including) 0.74 (including)
Grml-debootstrap Grml 0.75 (including) 0.75 (including)
Grml-debootstrap Grml 0.76 (including) 0.76 (including)
Grml-debootstrap Grml 0.77 (including) 0.77 (including)
Grml-debootstrap Ubuntu precise *
Grml-debootstrap Ubuntu trusty *
Grml-debootstrap Ubuntu utopic *

References