Published: 11/11/2020 Updated: 24/11/2020

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freedesktop accountsservice

A bash script exploit of [CVE-2020-16126/CVE-2020-16127] to achieve privilege escalation.Ubuntu 16.04-20.04 LTS本地提权漏洞利用脚本。要求拥有Gnome图形化环境。

Ubuntu-Gnome-privilege-escalation A bash script exploit of [CVE-2020-16126/CVE-2020-16127] to achieve privilege escalation 一个可以方便实现Ubuntu本地提权的bash脚本（利用CVE-2020-16126/CVE-2020-16127漏洞），要求处于Gnome环境。 Affect version Ubuntu 20041\2010\1804\1604 LTS and so on Usage curl rawgithubusercontentcom/zev3n/Ubuntu-Gnom

CWE-835 https://securitylab.github.com/advisories/GHSL-2020-187-accountsservice-drop-privs-DOS https://nvd.nist.gov https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-16127

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect