Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2023-1326

Published: 13/04/2023 Updated: 19/04/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Canonical

Vulnerability Summary

A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canonical apport

canonical ubuntu linux 18.04

canonical ubuntu linux 20.04

canonical ubuntu linux 22.04

canonical ubuntu linux 22.10

Github Repositories

https://github.com/jbiniek/cyberpoligon23

CYBERpoligon ISAC-GIG Politechnika Śląska, 22 czerwca 2023 CYBERpoligon - zadania dla uczestników Informacje ogólne Zasady Uczestnicy będą podzieleni na dwuosobowe zespoły Wszystkie zadania są punktowane Zwycięży zespół z największą liczbą punktów – aczkolwiek stawiamy na dobrą zabawę i w razie kłopotów będziemy podpowi

https://github.com/Pol-Ruiz/CVE-2023-1326

Esto es una prueba de concepto propia i basica de la vulneravilidad CVE-2023-1326

CVE-2023-1326 A proof of concept for CVE-2023–1326 in apport-cli 2260 This vulnerability is privilege escalation in apport-cli 2260, similar to CVE-2023–26604, this vulnerability only works if assign in sudoers: A privilege escalation attack was found in apport-cli 2260 and earlier which is similar to CVE-2023-26604 If a system is specially configured to all

https://github.com/diego-tella/CVE-2023-1326-PoC

A proof of concept for CVE-2023–1326 in apport-cli 2.26.0

CVE-2023-1326-PoC A proof of concept for CVE-2023–1326 in apport-cli 2260 This vulnerability is privilege escalation in apport-cli 2260, similar to CVE-2023–26604, this vulnerability only works if assign in sudoers: A privilege escalation attack was found in apport-cli 2260 and earlier which is similar to CVE-2023-26604 If a system is specially configured to

References

CWE-269https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecbhttps://ubuntu.com/security/notices/USN-6018-1https://nvd.nist.govhttps://github.com/jbiniek/cyberpoligon23https://github.com/Pol-Ruiz/CVE-2023-1326
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook