Lucene search
Ubuntu.comUB:CVE-2018-25078HistoryJan 26, 2023 - 12:00 a.m.
CVE-2018-25078
2023-01-2600:00:00
ubuntu.com
ubuntu.com
25
cve-2018-25078
gentoo
privilege escalation
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
man-db before 2.8.5 on Gentoo allows local users (with access to the man
user account) to gain root privileges because /usr/bin/mandb is executed by
root but not owned by root. (Also, the owner can strip the setuid and
setgid bits.)
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | This doesn’t affect Ubuntu, mandb is owned by root. |
Related
debiancve
debiancve
CVE-2018-25078
2023-01-26 21:15:16
cve
cve
CVE-2018-25078
2023-01-26 21:15:16
cvelist
cvelist
CVE-2018-25078
2023-01-25 00:00:00
prion
prion
Code injection
2023-01-26 21:15:00
gentoo
gentoo
man-db: privilege escalation
2023-10-08 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2432
2024-06-17 08:57:56
nessus
nessus
GLSA-202310-08 : man-db: privilege escalation
2023-10-08 00:00:00
nvd
nvd
CVE-2018-25078
2023-01-26 21:15:16
cbl_mariner
cbl_mariner
CVE-2018-25078 affecting package man-db 2.8.4-5
2024-06-29 09:08:28
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for UB:CVE-2018-25078