CVE-2019-7282 - OpenCVE

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Netkit	Netkit
Debian	Debian Linux
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:netkit:netkit:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:fedoraproject:fedora:34:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*

References

Link	Resource
https://bugs.debian.org/920486	Exploit Issue Tracking Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00016.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU33YVEDGFDMAZPSRQTRVKSKG4FAX7QB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSEX3TKX2DBUKG4A7VJFDLSMZIBJQZ3G/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA24VQJATZWYV42JG2PQUW7IHIZS7UKP/
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt	Not Applicable

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-01-31T18:00:00

Updated: 2022-03-30T02:06:07

Reserved: 2019-01-31T00:00:00

Link: CVE-2019-7282

JSON object: View

NVD Information

Status : Modified

Published: 2019-01-31T18:29:00.913

Modified: 2023-11-07T03:13:22.080

Link: CVE-2019-7282

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-01-31T00:00:00", "descriptions": [{"lang": "en", "value": "In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-30T02:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/920486"}, {"tags": ["x_refsource_MISC"], "url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt"}, {"name": "[debian-lts-announce] 20211118 [SECURITY] [DLA 2822-1] netkit-rsh security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00016.html"}, {"name": "FEDORA-2022-dd808b5a2c", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSEX3TKX2DBUKG4A7VJFDLSMZIBJQZ3G/"}, {"name": "FEDORA-2022-6748ae617b", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA24VQJATZWYV42JG2PQUW7IHIZS7UKP/"}, {"name": "FEDORA-2022-82a6236ac7", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU33YVEDGFDMAZPSRQTRVKSKG4FAX7QB/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7282", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.debian.org/920486", "refsource": "MISC", "url": "https://bugs.debian.org/920486"}, {"name": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", "refsource": "MISC", "url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt"}, {"name": "[debian-lts-announce] 20211118 [SECURITY] [DLA 2822-1] netkit-rsh security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00016.html"}, {"name": "FEDORA-2022-dd808b5a2c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSEX3TKX2DBUKG4A7VJFDLSMZIBJQZ3G/"}, {"name": "FEDORA-2022-6748ae617b", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NA24VQJATZWYV42JG2PQUW7IHIZS7UKP/"}, {"name": "FEDORA-2022-82a6236ac7", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU33YVEDGFDMAZPSRQTRVKSKG4FAX7QB/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-7282", "datePublished": "2019-01-31T18:00:00", "dateReserved": "2019-01-31T00:00:00", "dateUpdated": "2022-03-30T02:06:07", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netkit:netkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2D4663F-3F6E-4A3D-95DB-7E093C3DD825", "versionEndIncluding": "0.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685."}, {"lang": "es", "value": "En NetKit hasta la versi\u00f3n 0.17, rcp.c en el cliente rcp permite que los servidores rsh omitan las restricciones de acceso planeadas mediante un nombre de archivo \".\" o un nombre de archivo vac\u00edo. El impacto consiste en modificar los permisos del directorio objetivo en el lado del cliente. Esto es similar a CVE-2018-20685."}], "id": "CVE-2019-7282", "lastModified": "2023-11-07T03:13:22.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-31T18:29:00.913", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugs.debian.org/920486"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00016.html"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU33YVEDGFDMAZPSRQTRVKSKG4FAX7QB/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSEX3TKX2DBUKG4A7VJFDLSMZIBJQZ3G/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA24VQJATZWYV42JG2PQUW7IHIZS7UKP/"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}