Vulnerability-Lookup

CNVD-2019-24220

Vulnerability from cnvd - Published: 2019-07-23

Title

Private Internet Access (PIA) VPN客户端任意文件覆盖漏洞（CNVD-2019-24220）

Description

Private Internet Access (PIA)是由London Trust Media公司经营的商业VPN服务。 macOS版London Trust Media Private Internet Access (PIA) VPN客户端0.9.8 beta (build 02099)存在任意文件覆盖漏洞。攻击者可利用该漏洞通过创建指向系统上任何用户所拥有的任意文件的硬链接或软链接利用该漏洞导致拒绝服务和数据丢失。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新：https://www.privateinternetaccess.com/pages/downloads

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-12571

Impacted products

Name
London Trust Media Private Internet Access (PIA) VPN客户端 0.9.8 beta (build 02099)

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-12571",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-12571"
    }
  },
  "description": "Private Internet Access (PIA)\u662f\u7531London Trust Media\u516c\u53f8\u7ecf\u8425\u7684\u5546\u4e1aVPN\u670d\u52a1\u3002\n\nmacOS\u7248London Trust Media Private Internet Access (PIA) VPN\u5ba2\u6237\u7aef0.9.8 beta (build 02099)\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u8986\u76d6\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u521b\u5efa\u6307\u5411\u7cfb\u7edf\u4e0a\u4efb\u4f55\u7528\u6237\u6240\u62e5\u6709\u7684\u4efb\u610f\u6587\u4ef6\u7684\u786c\u94fe\u63a5\u6216\u8f6f\u94fe\u63a5\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u548c\u6570\u636e\u4e22\u5931\u3002",
  "discovererName": "Rich Mirch",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1ahttps://www.privateinternetaccess.com/pages/downloads",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-24220",
  "openTime": "2019-07-23",
  "products": {
    "product": "London Trust Media Private Internet Access (PIA) VPN\u5ba2\u6237\u7aef 0.9.8 beta (build 02099)"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-12571",
  "serverity": "\u4e2d",
  "submitTime": "2019-07-12",
  "title": "Private Internet Access (PIA) VPN\u5ba2\u6237\u7aef\u4efb\u610f\u6587\u4ef6\u8986\u76d6\u6f0f\u6d1e\uff08CNVD-2019-24220\uff09"
}

CVE-2019-12571 (GCVE-0-2019-12571)

Vulnerability from cvelistv5 – Published: 2019-07-11 19:45 – Updated: 2024-08-04 23:24

Summary

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is created. If the file exists, it will be truncated and the contents completely overwritten. This file is removed on disconnect. An unprivileged user can create a hard or soft link to arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/mirchr/security-research/blob/…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:38.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is created. If the file exists, it will be truncated and the contents completely overwritten. This file is removed on disconnect. An unprivileged user can create a hard or soft link to arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-11T19:45:24.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12571",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is created. If the file exists, it will be truncated and the contents completely overwritten. This file is removed on disconnect. An unprivileged user can create a hard or soft link to arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt",
              "refsource": "MISC",
              "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12571",
    "datePublished": "2019-07-11T19:45:24.000Z",
    "dateReserved": "2019-06-02T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:24:38.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-24220

CVE-2019-12571 (GCVE-0-2019-12571)

Tags

Sightings

Nomenclature