CVE-2014-8169 – autofs: priv escalation via interpreter load path for program based automount maps

https://notcve.org/view.php?id=CVE-2014-8169

automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory. automount 5.0.8, cuando una mapa de programa utilice ciertos lenguajes interpretados, utiliza los valores de las variables de entorno USER y HOME del usuario llamante en lugar de los valores del usuario utilizados para hacer funcionar el programa mapeado, lo que permite a usuarios locales ganar privilegios a través de un programa troyano en el directorio de inicio del usuario. It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. • http://lists.opensuse.org/opensuse-updates/2015-03/msg00033.html http://rhn.redhat.com/errata/RHSA-2015-1344.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/73211 http://www.ubuntu.com/usn/USN-2579-1 https://bugzilla.redhat.com/show_bug.cgi?id=1192565 https://bugzilla.suse.com/show_bug.cgi?id=917977 https://access.redhat.com/security/cve/CVE-2014-8169 • CWE-264: Permissions, Privileges, and Access Controls CWE-426: Untrusted Search Path •