Bad rc.local permissions allow privilege escalation #3216

The nethserver-base package set bad permissions on the /etc/rc.d/rc.local template, so that everyone was allowed to write to it. An attacker with local access could use this to elevate his privileges and execute commands as root by writing them into the file and waiting for a reboot.
nethserver-base 2.7.3-1 fixes the issue.

Impact is moderate because a reboot is necessary to carry out the attack and unprivileged users are unable to reboot the system. If /etc/rc.d/rc.local has been edited by an attacker and the system hasn't been rebooted since then, updating nethserver-base expands the file again and any malicious code is dropped.

Update nethserver-base now.
More info in bug #3216 and in the code repository.

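A defensive check for the condition this advisory describes, as an added example that is not part of the original post or of nethserver-base: it reports when a boot script such as /etc/rc.d/rc.local is not owned by the expected uid or is writable by group or other. It goes slightly beyond the advisory by also checking the parent directory; the function names are hypothetical and GNU coreutils `stat` is assumed.

```shell
#!/bin/sh
# Added example (not NethServer code): flag boot scripts that users other than
# the expected owner can modify. Requires GNU coreutils stat.
# Usage: sh audit_boot.sh /etc/rc.d/rc.local

# Succeeds when an octal mode string from `stat -c %a` grants write to
# group or other (the advisory's case is the "other" write bit).
loose_mode() {
    lm_other=$(( $1 % 10 ))
    lm_group=$(( ($1 / 10) % 10 ))
    [ $(( lm_other & 2 )) -ne 0 ] || [ $(( lm_group & 2 )) -ne 0 ]
}

# Checks one file or directory; prints findings and returns 1 if any.
check_one() {
    co_path=$1; co_want=$2; co_rc=0
    co_info=$(stat -L -c '%a %u' "$co_path" 2>/dev/null) ||
        { echo "MISSING $co_path"; return 1; }
    co_mode=${co_info% *}; co_uid=${co_info#* }
    if [ "$co_uid" != "$co_want" ]; then
        echo "OWNER $co_path uid=$co_uid expected=$co_want"; co_rc=1
    fi
    if loose_mode "$co_mode"; then
        echo "WRITABLE $co_path mode=$co_mode"; co_rc=1
    fi
    return "$co_rc"
}

# audit_path FILE [EXPECTED_UID]: checks FILE and its parent directory,
# because write access to the directory allows replacing the file.
audit_path() {
    ap_file=$1; ap_uid=${2:-0}; ap_rc=0
    check_one "$ap_file" "$ap_uid" || ap_rc=1
    check_one "$(dirname "$ap_file")" "$ap_uid" || ap_rc=1
    return "$ap_rc"
}

# When run with file arguments, audit each one against uid 0 (root).
findings=0
for f in "$@"; do audit_path "$f" || findings=1; done
[ "$findings" -eq 0 ] || exit 1
```

A clean result only shows the current permissions are sane; it does not show whether the file was modified while it was writable.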