Published: 24/05/2019 Updated: 11/04/2024

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 614

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

It exists freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue."

Vulnerable Product	Search on Vulmon	Subscribe to Product
freeradius freeradius
fedoraproject fedora 29
fedoraproject fedora 30
redhat enterprise linux 8.0

Debian Bug report logs - #929466 freeradius: CVE-2019-10143: privilege escalation due to insecure logration Package: src:freeradius; Maintainer for src:freeradius is Debian FreeRADIUS Packaging Team <pkg-freeradius-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 2 ...

Synopsis Moderate: freeradius security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for freeradius is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CV ...

Synopsis Moderate: freeradius:30 security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for the freeradius:30 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...

It was discovered freeradius does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user (CVE-2019-10143) An information leak was discovered in the ...

FreeRadius versions 3019 and below suffer from a privilege escalation vulnerability via insecure logrotate use ...

Full Disclosure mailing list archives   By Date By Thread </form>    [AIT-SA-20191112-01] CVE-2019-10143: Privilege Escalation via Logrotate in FreeRadius  <!-- ...

CWE-250 CWE-266 https://github.com/FreeRADIUS/freeradius-server/pull/2666 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10143 https://freeradius.org/security/https://access.redhat.com/errata/RHSA-2019:3353 http://packetstormsecurity.com/files/155361/FreeRadius-3.0.19-Logrotate-Privilege-Escalation.html http://seclists.org/fulldisclosure/2019/Nov/14 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKODLHHUOVAYENTBP4D3N25ST3Q6LJBP/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6VKBZAZKJP5QKXDXRKCM2ZPZND3TFAX/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929466 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2020-1515.html

CVE-2019-10143

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect