Vulnerability-Lookup

CNVD-2018-01483

Vulnerability from cnvd - Published: 2018-01-19

Title

Valve Steam Link未明漏洞

Description

Valve Steam Link是美国Value Software公司的一款Steam在线游戏设备。 Valve Steam Link中存在安全漏洞。远程攻击者可通过猜测24位的MAC地址并尝试以root权限登录利用该漏洞获取访问权限。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页及时更新： http://www.valvesoftware.com/

Reference

https://blogger.davidmanouchehri.com/2017/12/steam-link-security-remotely-insecure.html

Impacted products

Name
Value Software Steam Link build 643

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-17877"
    }
  },
  "description": "Valve Steam Link\u662f\u7f8e\u56fdValue Software\u516c\u53f8\u7684\u4e00\u6b3eSteam\u5728\u7ebf\u6e38\u620f\u8bbe\u5907\u3002\r\n\r\nValve Steam Link\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u731c\u6d4b24\u4f4d\u7684MAC\u5730\u5740\u5e76\u5c1d\u8bd5\u4ee5root\u6743\u9650\u767b\u5f55\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "unknown",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttp://www.valvesoftware.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-01483",
  "openTime": "2018-01-19",
  "products": {
    "product": "Value Software Steam Link build 643"
  },
  "referenceLink": "https://blogger.davidmanouchehri.com/2017/12/steam-link-security-remotely-insecure.html",
  "serverity": "\u9ad8",
  "submitTime": "2017-12-29",
  "title": "Valve Steam Link\u672a\u660e\u6f0f\u6d1e"
}

CVE-2017-17877 (GCVE-0-2017-17877)

Vulnerability from cvelistv5 – Published: 2017-12-24 02:00 – Updated: 2024-09-16 16:58

Summary

An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://blogger.davidmanouchehri.com/2017/12/stea…	x_refsource_MISC
	https://github.com/ValveSoftware/steamlink-sdk/is…	x_refsource_MISC
	https://github.com/ValveSoftware/steamlink-sdk#ss…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.510Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogger.davidmanouchehri.com/2017/12/steam-link-security-remotely-insecure.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ValveSoftware/steamlink-sdk/issues/119"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ValveSoftware/steamlink-sdk#ssh-access"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-24T02:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogger.davidmanouchehri.com/2017/12/steam-link-security-remotely-insecure.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ValveSoftware/steamlink-sdk/issues/119"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ValveSoftware/steamlink-sdk#ssh-access"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17877",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers to obtain access by guessing 24 bits of the MAC address and attempting a root login. This can be exploited in conjunction with CVE-2017-17878."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://blogger.davidmanouchehri.com/2017/12/steam-link-security-remotely-insecure.html",
              "refsource": "MISC",
              "url": "https://blogger.davidmanouchehri.com/2017/12/steam-link-security-remotely-insecure.html"
            },
            {
              "name": "https://github.com/ValveSoftware/steamlink-sdk/issues/119",
              "refsource": "MISC",
              "url": "https://github.com/ValveSoftware/steamlink-sdk/issues/119"
            },
            {
              "name": "https://github.com/ValveSoftware/steamlink-sdk#ssh-access",
              "refsource": "MISC",
              "url": "https://github.com/ValveSoftware/steamlink-sdk#ssh-access"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17877",
    "datePublished": "2017-12-24T02:00:00Z",
    "dateReserved": "2017-12-23T00:00:00Z",
    "dateUpdated": "2024-09-16T16:58:16.774Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-01483

CVE-2017-17877 (GCVE-0-2017-17877)

Tags

Sightings

Nomenclature