CVE-2017-15924

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions.
OS Command Injection
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 7.8 HIGH | LOCAL | LOW | LOW | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitre | CNA | --- | ---
CVE | ADP | --- | ---
EPSS Score
Percentile: 62%
Vendor | Product | Version
shadowsocks | shadowsocks-libev | 1.3, 1.3.2, 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.4.8, 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.5.6, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.1.0
debian | debian_linux | 9.2
𝑥 = Vulnerable software versions
Debian Releases
Debian Product | Codename | Version | Status
shadowsocks-libev | bullseye | 3.3.5+ds-4 | fixed
shadowsocks-libev | bookworm | 3.3.5+ds-10 | fixed
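Ubuntu Releases
Ubuntu Product | Codename | Status
shadowsocks-libev | cosmic | not-affected
shadowsocks-libev | bionic | not-affected
shadowsocks-libev | artful | ignored
shadowsocks-libev | zesty | ignored
shadowsocks-libev | xenial | dne
shadowsocks-libev | trusty | dne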