ID CVE-2017-2675Type cveReporter NVDModified 2017-04-12T15:25:46
Description
Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file "at.obdev.littlesnitchd.plist" which gets installed to /Library/LaunchDaemons.
{"cpe": ["cpe:/a:objective_development:little_snitch:3.3", "cpe:/a:objective_development:little_snitch:3.6.2", "cpe:/a:objective_development:little_snitch:3.1", "cpe:/a:objective_development:little_snitch:3.5.2", "cpe:/a:objective_development:little_snitch:3.4", "cpe:/a:objective_development:little_snitch:3.3.1", "cpe:/a:objective_development:little_snitch:3.1.1", "cpe:/a:objective_development:little_snitch:3.4.1", "cpe:/a:objective_development:little_snitch:3.7.2", "cpe:/a:objective_development:little_snitch:3.3.4", "cpe:/a:objective_development:little_snitch:3.0.2", "cpe:/a:objective_development:little_snitch:3.5.1", "cpe:/a:objective_development:little_snitch:3.3.2", "cpe:/a:objective_development:little_snitch:3.0", "cpe:/a:objective_development:little_snitch:3.6.4", "cpe:/a:objective_development:little_snitch:3.7.3", "cpe:/a:objective_development:little_snitch:3.7", "cpe:/a:objective_development:little_snitch:3.5", "cpe:/a:objective_development:little_snitch:3.5.3", "cpe:/a:objective_development:little_snitch:3.3.3", "cpe:/a:objective_development:little_snitch:3.0.3", "cpe:/a:objective_development:little_snitch:3.0.1", "cpe:/a:objective_development:little_snitch:3.6", "cpe:/a:objective_development:little_snitch:3.6.1", "cpe:/a:objective_development:little_snitch:3.0.4", "cpe:/a:objective_development:little_snitch:3.7.1", "cpe:/a:objective_development:little_snitch:3.6.3", "cpe:/a:objective_development:little_snitch:3.4.2"], "title": "CVE-2017-2675", "published": "2017-04-06T11:59:00", "references": ["https://www.obdev.at/products/littlesnitch/releasenotes.html", "https://twitter.com/patrickwardle/status/849076615170711552"], "type": "cve", "enchantments": {"score": {"value": 2.1, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2017-04-13T08:19:39"}, "vulnersScore": 2.1}, "cvelist": ["CVE-2017-2675"], "viewCount": 23, "hash": "809325482782ba353de8e935b14571b2e1379bc40e0b536e6eeea7df24ad2b83", "scanner": [], "id": "CVE-2017-2675", "modified": "2017-04-12T15:25:46", "history": [{"edition": 2, "lastseen": "2017-04-12T08:19:31", "bulletin": {"id": "CVE-2017-2675", "published": "2017-04-06T11:59:00", "cpe": [], "type": "cve", "references": ["https://www.obdev.at/products/littlesnitch/releasenotes.html", "https://twitter.com/patrickwardle/status/849076615170711552"], "cvelist": ["CVE-2017-2675"], "viewCount": 8, "scanner": [], "title": "CVE-2017-2675", "hash": "eb05614c1f9e4678ffd19c1638b1a0494abce6db4fc0257c2acbddc1f852e47c", "modified": "2017-04-11T21:59:01", "history": [], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "5d596ffd7f2951e618078ce5392790b3", "key": "modified"}, {"hash": "8276bc70c7f677aa76cab05eb13112f9", "key": "description"}, {"hash": "c961087016692dc91ef469c13ef8dacc", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "eb606c6b9e78b7631f6360c118587b9d", "key": "cvelist"}, {"hash": "14fe5e31f1a40eb81097792f89c9e4f2", "key": "href"}, {"hash": "4ee87e5464040a44c7f48c3e98b6a5d8", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "5cb356109c2d09a24434ba41b6d7a491", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "objectVersion": "1.2", "assessment": {"system": "", "href": "", "name": ""}, "edition": 2, "description": "Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file \"at.obdev.littlesnitchd.plist\" which gets installed to /Library/LaunchDaemons.", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2675", "bulletinFamily": "NVD", "reporter": "NVD", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-04-12T08:19:31"}, "differentElements": ["cvss", "modified", "cpe"]}, {"edition": 1, "lastseen": "2017-04-07T08:18:57", "bulletin": {"id": "CVE-2017-2675", "published": "2017-04-06T11:59:00", "cpe": [], "type": "cve", "references": ["https://www.obdev.at/products/littlesnitch/releasenotes.html"], "cvelist": ["CVE-2017-2675"], "viewCount": 8, "scanner": [], "title": "CVE-2017-2675", "hash": "47616ebc39f81706860eded224f6095232313919f5f2b137ab16121902f229a0", "modified": "2017-04-06T11:59:00", "history": [], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "8276bc70c7f677aa76cab05eb13112f9", "key": "description"}, {"hash": "5cb356109c2d09a24434ba41b6d7a491", "key": "modified"}, {"hash": "37f6fbf969118756bf824dc3ed0b7233", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "eb606c6b9e78b7631f6360c118587b9d", "key": "cvelist"}, {"hash": "14fe5e31f1a40eb81097792f89c9e4f2", "key": "href"}, {"hash": "4ee87e5464040a44c7f48c3e98b6a5d8", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "5cb356109c2d09a24434ba41b6d7a491", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "objectVersion": "1.2", "assessment": {"system": "", "href": "", "name": ""}, "edition": 1, "description": "Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file \"at.obdev.littlesnitchd.plist\" which gets installed to /Library/LaunchDaemons.", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2675", "bulletinFamily": "NVD", "reporter": "NVD", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-04-07T08:18:57"}, "differentElements": ["references", "modified"]}], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2675", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "e46c8cd504eefb57d06f9fba1674f6ec", "key": "cpe"}, {"hash": "eb606c6b9e78b7631f6360c118587b9d", "key": "cvelist"}, {"hash": "292f2e293571b0e70e3182b615982dad", "key": "cvss"}, {"hash": "8276bc70c7f677aa76cab05eb13112f9", "key": "description"}, {"hash": "14fe5e31f1a40eb81097792f89c9e4f2", "key": "href"}, {"hash": "7bef8b313551567171b453540cee2332", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "5cb356109c2d09a24434ba41b6d7a491", "key": "published"}, {"hash": "c961087016692dc91ef469c13ef8dacc", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "4ee87e5464040a44c7f48c3e98b6a5d8", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "objectVersion": "1.2", "assessment": {"system": "", "href": "", "name": ""}, "edition": 3, "description": "Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file \"at.obdev.littlesnitchd.plist\" which gets installed to /Library/LaunchDaemons.", "bulletinFamily": "NVD", "reporter": "NVD", "cvss": {"vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 4.6}, "lastseen": "2017-04-13T08:19:39"}
{}
