Search

Find a vulnerability

Search criteria

    2 vulnerabilities by ignitum

    CVE-2017-15918 (GCVE-0-2017-15918)

    Vulnerability from nvd – Published: 2017-11-01 17:00 – Updated: 2024-08-05 20:04
    VLAI
    Summary
    Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2017-10-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:04:50.480Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html"
              },
              {
                "name": "43221",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43221/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-10-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sera 1.2 stores the user\u0027s login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-19T10:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html"
            },
            {
              "name": "43221",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43221/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2017-15918",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sera 1.2 stores the user\u0027s login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html",
                  "refsource": "MISC",
                  "url": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html"
                },
                {
                  "name": "43221",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43221/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-15918",
        "datePublished": "2017-11-01T17:00:00.000Z",
        "dateReserved": "2017-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:04:50.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-15918 (GCVE-0-2017-15918)

    Vulnerability from cvelistv5 – Published: 2017-11-01 17:00 – Updated: 2024-08-05 20:04
    VLAI
    Summary
    Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2017-10-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:04:50.480Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html"
              },
              {
                "name": "43221",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/43221/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-10-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sera 1.2 stores the user\u0027s login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-19T10:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html"
            },
            {
              "name": "43221",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/43221/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2017-15918",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sera 1.2 stores the user\u0027s login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html",
                  "refsource": "MISC",
                  "url": "https://m4.rkw.io/blog/cve201715918-sera-12-local-root-privesc-and-password-disclosure.html"
                },
                {
                  "name": "43221",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/43221/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-15918",
        "datePublished": "2017-11-01T17:00:00.000Z",
        "dateReserved": "2017-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:04:50.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }