Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-3245Improper Input Validation in Libuser

CWE-20Improper Input ValidationCWE-138Improper Neutralization of Special Elements16 documents8 sources
Severity
7.2HIGHNVD
NVD2.1OSV2.1
EPSS
11.2%
top 6.49%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
LibuserDebian LibuserRedhat Libuser
Timeline
PublishedAug 11
Latest updateMay 14

Description

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

debiandebian/libuser< libuser 1:0.62~dfsg-0.1 (bookworm)
Debianlibuser/libuser< 1:0.62~dfsg-0.1+3
NVDredhat/libuser0.56.13-5+6

🔴Vulnerability Details

4
GHSA
GHSA-f52h-j689-x786: libuser before 02022-05-14
GHSA
GHSA-q4h8-6f3r-mvww: Incomplete blacklist vulnerability in the chfn function in libuser before 02022-05-14
OSV
CVE-2015-3246: libuser before 02015-08-11
OSV
CVE-2015-3245: Incomplete blacklist vulnerability in the chfn function in libuser before 02015-08-11

💥Exploits & PoCs

3
Exploit-DB
Libuser - 'roothelper' Local Privilege Escalation (Metasploit)2018-05-16
Exploit-DB
Libuser Library - Multiple Vulnerabilities2015-07-27
Metasploit
Libuser roothelper Privilege Escalation

📋Vendor Advisories

4
Red Hat
libuser: Security flaw in handling /etc/passwd file2015-07-23
Red Hat
libuser: does not filter newline characters in the GECOS field2015-07-23
Debian
CVE-2015-3246: libuser - libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper progr...2015
Debian
CVE-2015-3245: libuser - Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.1...2015

💬Community

3
Bugzilla
CVE-2015-3245 CVE-2015-3246 libuser: various flaws [fedora-all]2015-07-23
Bugzilla
CVE-2015-3246 libuser: Security flaw in handling /etc/passwd file2015-06-18
Bugzilla
CVE-2015-3245 libuser: does not filter newline characters in the GECOS field2015-06-18