Lucene search
HistoryAug 16, 2022 - 1:15 a.m.
CVE-2022-24949
cve-2022-24949
eternal terminal
privilege escalation
root
nvd
vulnerability
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
28.8%
A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition, buffer overflow, and logic bug all in PipeSocketHandler::listen().
Affected configurations
Node
eternal_terminal_projecteternal_terminalRange<6.2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| eternal_terminal_project:eternal_terminal | eternal terminal project eternal terminal | lt | 6.2.0 |
CNA Affected
[
{
"product": "Eternal Terminal",
"vendor": "Jason Gauci",
"versions": [
{
"lessThan": "6.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2022-24949
2022-08-16 01:15:07
cvelist
cvelist
CVE-2022-24949
2022-08-16 00:30:36
osv
osv
CVE-2022-24949
2022-08-16 01:15:07
prion
prion
Race condition
2022-08-16 01:15:00
suse
suse
Security update for EternalTerminal (important)
2022-11-02 00:00:00
Security update for EternalTerminal (important)
2022-11-02 00:00:00
nessus
nessus
openSUSE 15 Security Update : EternalTerminal (openSUSE-SU-2022:10187-1)
2022-11-03 00:00:00
openSUSE 15 Security Update : EternalTerminal (openSUSE-SU-2022:10185-1)
2022-11-03 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
28.8%
Related for CVE-2022-24949