NVD

Id
82230  
Name
CVE-2017-5180  
Description
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-03-29  
Published
2017-02-09  
Modified Date
2017-03-23  
Seq
2017-5180  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
65851 JVNDB-2017-002190 Firejail におけるサンドボックスのエスケープ攻撃を実行される脆弱性 Firejail には、サンドボックスのエスケープ攻撃を実行される脆弱性が存在します。 CVE-2017-5180 CVE-2017-5180 82230 4.6 8.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002190.html 2017-01-07 2017-03-31 View