CVE-2018-1000857
EUVD-2018-204220.12.2018, 17:29
log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/(remote) environment variable manipulation similar shell-shock also possible.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| open-systems | log-user-session | 𝑥 ≤ 0.7 |
𝑥
= Vulnerable software versions