Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-5180 — Missing Authorization in Project Firejail

CWE-862 — Missing Authorization7 documents7 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 73.07%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Firejail Project Firejail

Timeline

PublishedFeb 9

Latest updateMay 13

Description

Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages2 packages

▶NVDfirejail_project/firejail0.9.38 — 0.9.38.8+1

▶Debianfirejail_project/firejail< 0.9.44.2-3+3

🔴Vulnerability Details

GHSA

GHSA-j8r6-v8qr-pf69: Firejail before 0↗2022-05-13

▶

CVEList

CVE-2017-5180: Firejail before 0↗2017-02-09

▶

OSV

CVE-2017-5180: Firejail before 0↗2017-02-09

▶

💥Exploits & PoCs

Exploit-DB

Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape↗2017-01-04

▶

📋Vendor Advisories

Debian

CVE-2017-5180: firejail - Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider ...↗2017

▶

💬Community

Bugzilla

CVE-2017-1000381 c-ares: NAPTR parser out of bounds access↗2017-06-20

▶