Vulnerability Name:

CVE-2015-5070 (CCN-104080)

Assigned:2015-06-25
Published:2015-06-25
Updated:2017-10-10
Summary:The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML.
Note: this vulnerability exists because of an incomplete fix for CVE-2015-5069.
CVSS v3 Severity:3.1 Low (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N)
2.6 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2015-5070

Source: FEDORA
Type: Third Party Advisory
FEDORA-2015-10973

Source: FEDORA
Type: Third Party Advisory
FEDORA-2015-10964

Source: CCN
Type: oss-security Mailing List, Wed, 24 Jun 2015 22:32:53 -0300
CVE request: Wesnoth authentication information disclosure

Source: CCN
Type: oss-security Mailing List, Thu, 25 Jun 2015 07:46:15 -0400 (EDT)
Re: CVE request: Wesnoth authentication information disclosure

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory, VDB Entry
[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure

Source: BID
Type: Third Party Advisory, VDB Entry
75425

Source: CCN
Type: Wesnoth Web site
Wesnoth

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory, VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1236010

Source: XF
Type: UNKNOWN
wesnoth-cve20155070-info-disc(104080)

Source: CCN
Type: Wesnoth SVN Repository
Use looks_like_pbl() to disallow .pbl file inclusion (bug #23504)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59

Source: CONFIRM
Type: Release Notes, Third Party Advisory
https://github.com/wesnoth/wesnoth/releases/tag/1.12.4

Source: CONFIRM
Type: Release Notes, Third Party Advisory
https://github.com/wesnoth/wesnoth/releases/tag/1.13.1

Source: MISC
Type: Broken Link
https://gna.org/bugs/?23504

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-5070

Vulnerable Configuration:Configuration 1:
  • cpe:/a:wesnoth:battle_for_wesnoth:*:*:*:*:*:*:*:* (Version <= 1.12.2)
  • OR cpe:/a:wesnoth:battle_for_wesnoth:1.13.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:21:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:22:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:wesnoth:battle_for_wesnoth:1.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:wesnoth:battle_for_wesnoth:1.12.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.artful:def:20155070000
    V
    		CVE-2015-5070 on Ubuntu 17.10 (artful) - medium.
    2017-09-26
    oval:com.ubuntu.xenial:def:20155070000
    V
    		CVE-2015-5070 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-09-26
    oval:com.ubuntu.bionic:def:20155070000
    V
    		CVE-2015-5070 on Ubuntu 18.04 LTS (bionic) - medium.
    2017-09-26
    oval:com.ubuntu.bionic:def:201550700000000
    V
    		CVE-2015-5070 on Ubuntu 18.04 LTS (bionic) - medium.
    2017-09-26
    oval:com.ubuntu.xenial:def:201550700000000
    V
    		CVE-2015-5070 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-09-26
    oval:com.ubuntu.trusty:def:20155070000
    V
    		CVE-2015-5070 on Ubuntu 14.04 LTS (trusty) - medium.
    2017-09-26
    oval:com.ubuntu.precise:def:20155070000
    V
    		CVE-2015-5070 on Ubuntu 12.04 LTS (precise) - medium.
    2015-06-25
    BACK
    wesnoth battle for wesnoth *
    wesnoth battle for wesnoth 1.13.0
    fedoraproject fedora 21
    fedoraproject fedora 22
    wesnoth battle for wesnoth 1.12.1
    wesnoth battle for wesnoth 1.12.2