Vulnerabilities > CVE-2017-0359

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

reproducible-builds

debian

critical

nessus

exploit available

NVD

Published: 2018-04-13

Updated: 2019-12-03

Summary

diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.

Vulnerable Configurations

Part	Description	Count
Application	Reproducible_Builds Reproducible Builds Diffoscope 1 Reproducible Builds Diffoscope 2 Reproducible Builds Diffoscope 3 Reproducible Builds Diffoscope 4 Reproducible Builds Diffoscope 5 Reproducible Builds Diffoscope 6 Reproducible Builds Diffoscope 7 Reproducible Builds Diffoscope 8 Reproducible Builds Diffoscope 9 Reproducible Builds Diffoscope 10 Reproducible Builds Diffoscope 11 Reproducible Builds Diffoscope 12 Reproducible Builds Diffoscope 13 Reproducible Builds Diffoscope 14 Reproducible Builds Diffoscope 15 Reproducible Builds Diffoscope 16 Reproducible Builds Diffoscope 17 Reproducible Builds Diffoscope 18 Reproducible Builds Diffoscope 19 Reproducible Builds Diffoscope 20 Reproducible Builds Diffoscope 21 Reproducible Builds Diffoscope 22 Reproducible Builds Diffoscope 23 Reproducible Builds Diffoscope 24 Reproducible Builds Diffoscope 25 Reproducible Builds Diffoscope 26 Reproducible Builds Diffoscope 27 Reproducible Builds Diffoscope 28 Reproducible Builds Diffoscope 29 Reproducible Builds Diffoscope 30 Reproducible Builds Diffoscope 31 Reproducible Builds Diffoscope 32 Reproducible Builds Diffoscope 33 Reproducible Builds Diffoscope 34 Reproducible Builds Diffoscope 35 Reproducible Builds Diffoscope 36 Reproducible Builds Diffoscope 37 Reproducible Builds Diffoscope 38 Reproducible Builds Diffoscope 39 Reproducible Builds Diffoscope 40 Reproducible Builds Diffoscope 41 Reproducible Builds Diffoscope 42 Reproducible Builds Diffoscope 43 Reproducible Builds Diffoscope 44 Reproducible Builds Diffoscope 45 Reproducible Builds Diffoscope 46 Reproducible Builds Diffoscope 47 Reproducible Builds Diffoscope 48 Reproducible Builds Diffoscope 49 Reproducible Builds Diffoscope 50 Reproducible Builds Diffoscope 51 Reproducible Builds Diffoscope 52 Reproducible Builds Diffoscope 53 Reproducible Builds Diffoscope 54 Reproducible Builds Diffoscope 55 Reproducible Builds Diffoscope 56 Reproducible Builds Diffoscope 57 Reproducible Builds Diffoscope 58 Reproducible Builds Diffoscope 59 Reproducible Builds Diffoscope 60 Reproducible Builds Diffoscope 61 Reproducible Builds Diffoscope 62 Reproducible Builds Diffoscope 63 Reproducible Builds Diffoscope 64 Reproducible Builds Diffoscope 65 Reproducible Builds Diffoscope 66 Reproducible Builds Diffoscope 67 Reproducible Builds Diffoscope 68 Reproducible Builds Diffoscope 69 Reproducible Builds Diffoscope 70 Reproducible Builds Diffoscope 71 Reproducible Builds Diffoscope 72 Reproducible Builds Diffoscope 73 Reproducible Builds Diffoscope 74 Reproducible Builds Diffoscope 75 Reproducible Builds Diffoscope 76	76
OS	Debian Debian Debian Linux 9.0	1

Exploit-Db

description	ntfs-3g (Debian 9) - Privilege Escalation. CVE-2017-0358. Local exploit for Linux platform
file	exploits/linux/local/41240.sh
id	EDB-ID:41240
last seen	2017-02-04
modified	2017-02-03
platform	linux
port
published	2017-02-03
reporter	Exploit-DB
source	https://www.exploit-db.com/download/41240/
title	ntfs-3g (Debian 9) - Privilege Escalation
type	local

Nessus

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2017-33CB46C6B0.NASL
description	Update to the latest version, fixes a security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2017-02-23
plugin id	97336
published	2017-02-23
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/97336
title	Fedora 24 : diffoscope (2017-33cb46c6b0)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2017-33cb46c6b0. # include("compat.inc"); if (description) { script_id(97336); script_version("3.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-0359"); script_xref(name:"FEDORA", value:"2017-33cb46c6b0"); script_name(english:"Fedora 24 : diffoscope (2017-33cb46c6b0)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to the latest version, fixes a security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-33cb46c6b0" ); script_set_attribute( attribute:"solution", value:"Update the affected diffoscope package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:diffoscope"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:24"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/13"); script_set_attribute(attribute:"patch_publication_date", value:"2017/02/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^24([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 24", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC24", reference:"diffoscope-77-1.fc24")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "diffoscope"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2018-19.NASL
description	This update for diffoscope to version 85 fixes one issues. This security issue was fixed : - CVE-2017-0359: Prevent write to arbitrary locations (boo#1025086). For other changes please see the GIT log.
last seen	2020-06-05
modified	2018-01-11
plugin id	105740
published	2018-01-11
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/105740
title	openSUSE Security Update : diffoscope (openSUSE-2018-19)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2018-19. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(105740); script_version("3.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-0359"); script_name(english:"openSUSE Security Update : diffoscope (openSUSE-2018-19)"); script_summary(english:"Check for the openSUSE-2018-19 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for diffoscope to version 85 fixes one issues. This security issue was fixed : - CVE-2017-0359: Prevent write to arbitrary locations (boo#1025086). For other changes please see the GIT log." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1025086" ); script_set_attribute( attribute:"solution", value:"Update the affected diffoscope package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:diffoscope"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2018/01/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( rpm_check(release:"SUSE42.3", reference:"diffoscope-85-3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "diffoscope"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2017-101722EB25.NASL
description	Update to the latest version, fixes a security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2017-02-23
plugin id	97334
published	2017-02-23
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/97334
title	Fedora 25 : diffoscope (2017-101722eb25)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2017-101722eb25. # include("compat.inc"); if (description) { script_id(97334); script_version("3.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-0359"); script_xref(name:"FEDORA", value:"2017-101722eb25"); script_name(english:"Fedora 25 : diffoscope (2017-101722eb25)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to the latest version, fixes a security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-101722eb25" ); script_set_attribute( attribute:"solution", value:"Update the affected diffoscope package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:diffoscope"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/13"); script_set_attribute(attribute:"patch_publication_date", value:"2017/02/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^25([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC25", reference:"diffoscope-77-1.fc25")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "diffoscope"); }

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_077BBADFF2F411E692A7902B34361349.NASL
description	Ximin Luo reports : [v67] introduced a security hole where diffoscope may write to arbitrary locations on disk depending on the contents of an untrusted archive.
last seen	2020-06-01
modified	2020-06-02
plugin id	97197
published	2017-02-16
reporter	This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/97197
title	FreeBSD : diffoscope -- arbitrary file write (077bbadf-f2f4-11e6-92a7-902b34361349)

Vulnerabilities > CVE-2017-0359 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2017-0359"}]}

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References

Vulnerabilities > CVE-2017-0359