Exploits Discovered - Published CVE-2017-18018

Security News - Jan 04, 2018

Title: GNU chown and chgrp privilege escalation via recursive dereferences
Author: Michael Orlitzky


The chown program in GNU coreutils is vulnerable to a race condition when using the POSIX -R -L options to follow symlinks recursively. In the presence of symlinks, the recursive directory traversal is not guaranteed to be performed depth-first. As a result, the “new owner” may be able to introduce a symlink at a point in the traversal that has yet to be reached. When it is reached, chown will be performed on the target of that symlink—a situation that is often exploitable to gain root privileges.

Learn More

Complete details here: http://michael.orlitzky.com/cves/cve-2017-18018.xhtml

What is CVE?

Common Vulnerabilities and Exposures (CVE®) is a list of common identifiers for publicly known cybersecurity vulnerabilities, and is the industry standard for vulnerability and exposure identifiers.

The process of creating a CVE Entry begins with the discovery of a potential security vulnerability.  The MITRE Corporation currently maintains CVE and this public website, oversees the CNAs and CVE Board, and provides impartial technical guidance throughout the process to ensure CVE serves the public interest.

About Metro Data, Inc.

Founded in 1994, Metro Data, Inc. is a leading information systems & services firm that works exclusively with business clients to develop and apply customized technology solutions that accomplish a client's strategic goals.

Businesses have chosen Metro Data, Inc. to help keep pace with the ever-changing technology landscape.  Metro Data, Inc.’s "end-to-end" experience helps their customers to secure their systems, reduce costs, and improve their business information systems performance.

About the CVE Author, Michael J. Orlitzky

Mike has been with Metro Data, Inc. for over 20 years.  He holds a PhD in Mathematics.  He has been globally recognized for his work in discovering (and fixing) vulnerabilities in operating systems and application software.  His research has been published in professional journals and he's been acknowledged by industry and academic peers for his work.

Under no circumstances should you send an email to ackbar@viabit.com .

 For more information, call 410-667-3600